09-04-2012 11:21 AM - edited 03-11-2019 04:49 PM
Hello All,
I have a problem with my ssh access.
I have two interfaces, 172.17.5.250 = Outside, security Level 0
10.11.3.2 = Inside, security Level 1
I can access by ssh using Outside
I can not access by ssh using Inside. I receive this message in my prompt:
ssh user@10.11.3.2
Selected cipher type <unknown> not supported by server.
I tried with ssh -1 and ssh -2. Not works.
I have ssh allowed for this source network. SSH version 1&2.
I tried:
ASA(config)#crypto key zeroize rsa
Issue this command in order to generate the new key:
ASA(config)# crypto key generate rsa modulus 1024
But no success
Cisco 8.2(12)2
Thanks
09-05-2012 04:17 AM
Hi Jullio...
Follow..
FW(config)# crypto key zeroize rsa
WARNING: All RSA keys will be removed.
WARNING: All device digital certificates issued using these keys will also be removed.
Do you really want to remove these keys? [yes/no]: yes
and now? generate new?
09-05-2012 05:06 AM
I generated... but, no way
09-05-2012 09:27 AM
Hello Diego,
Do you still get the same log from the client?
What logs are being showed by the ASA?
Regards,
Julio
09-05-2012 09:55 AM
So..
FWINTERNO# debug ssh
debug ssh enabled at level 1
FW# Device ssh opened successfully.
SSH1: SSH client: IP = '172.19.4.121' interface # = 2
SSH: host key initialised
SSH1: starting SSH control process
SSH1: Exchanging versions - SSH-1.5-Cisco-1.25
SSH1: send SSH message: outdata is NULL
server version string:SSH-1.5-Cisco-1.25SSH1: receive SSH message: 83 (83)
SSH1: client version is - SSH-1.5-OpenSSH_4.3
client version string:SSH-1.5-OpenSSH_4.3SSH1: begin server key generation
SSH1: complete server key generation, elapsed time = 910 ms
SSH1: declare what cipher(s) we support:
00 0x00 0x00 0x04 0xSSH1: send SSH message: SSH_SMSG_PUBLIC_KEY (2)
SSH1: SSH_SMSG_PUBLIC_KEY message sent
SSH1: receive SSH message: [no message ID: variable *data is NULL]
SSH1: Session disconnected by SSH server - error 0x00 "Internal error"
SSH0: receive SSH message: SSH_CMSG_WINDOW_SIZE (11)
09-05-2012 01:57 PM
And now?
Any idea???
09-05-2012 02:20 PM
Hello Diego,
Hmm provide the following:
Show version
Show run ssl
sh crypto key mypubkey rsa
Regards,
Julio
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: