I seem to recall a bug around

XIE YAO · ‎05-07-2015

Hi Expert,

Recently came across one issue on client that every time ASA reboots, SSH will not work.

It looks very likely that private key seems corrupted as I have to zeroize the old key and regenerate a new one, any idea why this is happening?

SSH session from x.x.x.x on interface outside for user "" disconnected by SSH server, reason: "Internal error" (0x00)

Regards

Jack

Vibhor Amrodia · ‎05-09-2015

Hi,

I think this might be related to the corrupt flash otherwise i don't think this should be corrupting the keys after the reloading of the ASA device.

Try an fsck flash and see if that throws any errors ?

Thanks and Regards,

Vibhor Amrodia

XIE YAO · ‎05-10-2015

Actually, this was what I didn't figure out, why I can't seems to find any key under flash/disk0? is this by design that the key can't be easily found?

Marvin Rhoads · ‎05-09-2015

I seem to recall a bug around this issue. What version of ASA software are you running?

XIE YAO · ‎05-10-2015

8.2.5, without any interim hotfix

Marvin Rhoads · ‎05-10-2015

Can you verify you have

aaa authentication ssh console LOCAL

...set?

You might also try "debug ip ssh" and/or also look at a packet trace from your client when trying to connect. They may give a more useful and precise error message.

Re your other question - yes the RSA key is not shown in a filesystem directory.

ASA SSH issue, RSA key may be corrupted?