We are experiencing an access issue with one of our ACE LB contexts: It cannot be reached via ssh.
We can ssh to the Admin context and from there change to the specific LB context. Attempts to ssh directly to the context time out.
The context is a secondary / fail-over context on a pair of ACE blades running A2(3.4)
It's not a firewall or connectivity issue, since we have no problem with the Admin context and they are all on the same vlan.
What I'd like to know is whether there's a way to reload the sshd daemon on the ACE LB context.
Is this a new implementation, the contexts that is? Have you ever been able to ssh to the context? If this a new implementation, did you add the management policy for the context?
you can see the open ssh sessions with the following command
sh ssh session-info
then you can use
switch/Admin# clear ssh ?
<0-2147483647> Use clear ssh ssh_id to kill an ssh session
hosts Clear the list of trusted ssh hosts
to kill any hung sessions.
Thanks for your reply.
This is not a new implementation and the context was previosly available to ssh. The management policy is configured and we have no problem accessing the active context of the fault-tolerant pair.
When I try to ssh from our management server the ACE shows the ssh session but I never get a prompt:
From the LB:
ctspogdcnwace02/ctsbogdcnwbal01# sh ssh session-info
Session ID Remote Host Active Time
7849 10.xxx.xxx.37:37890 0: 4:51
From the source:
[ribeirj@ctsbigdcemath02:~] $ ssh -l ribeirj 10.xxx.xxx.21
The authenticity of host '10.xxx.xxx.21 (10.xxx.xxx.21)' can't be established.
RSA key fingerprint is 13:c9:64:0f:8e:dd:07:3a:d1:33:80:09:7e:db:39:f9.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.xxx.xxx.21' (RSA) to the list of known hosts.
And then it times out. The session is never opened on the client side and I don't get a prompt.
I've checked all other contexts and there are no hung ssh sessions.
Is there a way to reload the ssh daemon for a specific context?