Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1319
Views
0
Helpful
5
Replies

Reload SSH daemon on ACE LB Context

josefribeiro
Level 1
Level 1

‎05-22-2012 08:48 AM

Hi All,

We are experiencing an access issue with one of our ACE LB contexts: It cannot be reached via ssh.

We can ssh to the Admin context and from there change to the specific LB context. Attempts to ssh directly to the context time out.

The context is a secondary / fail-over context on a pair of ACE blades running A2(3.4)

It's not a firewall or connectivity issue, since we have no problem with the Admin context and they are all on the same vlan.

What I'd like to know is whether there's a way to reload the sshd daemon on the ACE LB context.

Thanks,

Jose Ribeiro

Labels:
0 Helpful
5 Replies 5

cpomeroy
Level 1
Level 1

‎05-22-2012 08:52 AM

Jose,

     Is this a new implementation, the contexts that is?  Have you ever been able to ssh to the context?  If this a new implementation, did you add the management policy for the context?

you can see the open  ssh sessions with the following command

sh ssh session-info

then you can use

switch/Admin# clear ssh ?

  <0-2147483647>  Use clear ssh ssh_id to kill an ssh session

  hosts           Clear the list of trusted ssh hosts

to kill any hung sessions.

0 Helpful

josefribeiro
Level 1
Level 1
In response to cpomeroy

‎05-22-2012 09:10 AM

Hi Chris,

Thanks for your reply.

This is not a new implementation and the context was previosly available to ssh. The management policy is configured and we have no problem accessing the active context of the fault-tolerant pair.

When I try to ssh from our management server the ACE shows the ssh session but I never get a prompt:

From the LB:

ctspogdcnwace02/ctsbogdcnwbal01# sh ssh session-info

Session ID     Remote Host         Active Time        

7849           10.xxx.xxx.37:37890    0: 4:51           

ctspogdcnwace02/ctsbogdcnwbal01#

From the source:

[ribeirj@ctsbigdcemath02:~] $ ssh -l ribeirj 10.xxx.xxx.21

The authenticity of host '10.xxx.xxx.21 (10.xxx.xxx.21)' can't be established.

RSA key fingerprint is 13:c9:64:0f:8e:dd:07:3a:d1:33:80:09:7e:db:39:f9.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '10.xxx.xxx.21' (RSA) to the list of known hosts.

And then it times out. The session is never opened on the client side and I don't get a prompt.

Thanks,

Jose

0 Helpful

cpomeroy
Level 1
Level 1
In response to josefribeiro

‎05-22-2012 09:26 AM

Can you try show ssh session-info from all the other contexts?  Do you see any hung sessions?

0 Helpful

josefribeiro
Level 1
Level 1
In response to cpomeroy

‎05-22-2012 11:03 AM

I've checked all other contexts and there are no hung ssh sessions.

Is there a way to reload the ssh daemon for a specific context?

0 Helpful

cpomeroy
Level 1
Level 1
In response to cpomeroy

‎05-22-2012 12:08 PM

Jose,

      There is no way to reload just the ssh daemon for a context.  Only option is a reload.

Chris

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents