Re: ASA 5545 SSH issue Local user / Connection closed by remote host

zizou6500 · ‎07-08-2021

Hello guys,

ASA Version 9.12(3)12

Am Re-configuring a used ASA and am managing it remotely, i have configured a local ssh user. username xxx password ***** pbkdf2

but when trying to access it gives me the follwoing output:

ssh_exchange_identification: Connection closed by remote host

here is the show run ssh output:

ssh scopy enable
ssh stricthostkeycheck
ssh pubkey-chain
server 172.17.252.4
ssh timeout 20
ssh version 2
ssh cipher integrity medium
ssh key-exchange group dh-group1-sha1
ssh QH-Infrastructure 255.255.0.0 management
ssh QH-Monitoring 255.255.0.0 management
ssh QH-SNMP 255.255.255.255 management
ssh QH-Monitoring 255.255.0.0 LANQH
ssh QH-Infrastructure 255.255.0.0 LANQH
console timeout 0

Can you please advice?

balaji.bandi · ‎07-08-2021

are you trying from management network since you allowed only management?

we need to see full config "show run"

or try below methods :

crypto key zero noconfirm <-- this removed all keys (if this device in production bit cautious )

crypto key generate rsa no confirm

and

hostname HOSTNAME

domain-name DOMAINNAME

crypto key generate rsa

if you trying from inside try adding :

ssh 0.0.0.0 0.0.0.0 inside

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

cmarva · ‎07-09-2021

my first guess would be the key exchange statement. i would try choosing a different one, whatever is available in the version your asa is running. just as an example, we have all of our ASAs set with DH group 14. But I'm guessing that's where the mismatch is, either your ssh client doesn't like what it gets from the asa, or vice versa.

balaji.bandi · ‎07-09-2021

try dh 5 start with

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help