ASA 5510 ssh

aadilovic
Level 1

Hello,

I have a 2801 router which is connected to the Outside interface of the ASA, and I have a problem with SSH ver 1.

sh ssh

0.0.0.0 0.0.0.0 Inside

0.0.0.0 0.0.0.0 Outside.

any suggestions?

please-thanks

7 Replies

brettmilborrow
Level 1

Have you generated your SSH keys on the ASA?

Try this command:

crypto key generate rsa modulus 1024

Yes, I do...

And the security-level on the Outside interface is 50.

From inside it works.

Try running:

'debug ssh'

And then attempt to connect to the firewall using ssh. This may give a clue why the session is failing.

When I try to connect, I get this on the router:

2801#ssh -v 1 -l local 192.168.250.5

[Connection to 192.168.250.5 aborted: error status 33]

Could you run the 'debug ssh' command on the firewall whilst you try to connect.

I had a similar problem with an ASA5510 (192.168.50.206)

!------------------------------

Switch#ssh -l admin 192.168.50.206

[Connection to 192.168.50.206 aborted: error status 34]

!-----------------------------

After generating a new cert and changing the SSH version to 2, the problem disappeared.

Not sure if this is an option for you, but I know there are some vulnerabilities in SSH v1 as well.


DGW

Hello Dylan,

Remember that SSH version 1 uses 768 bits for the RSA key.

Use

ssh -v 1 -l username  IP address

Make sure you have configured the ASA to use Version 1

ASA(config)# ssh version 1

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC