Has it ever worked?

Future Group Network · ‎08-13-2017

unable to login to Cisco ASA through SSH.

getting below error.

"ssh_exchange_identification: read: Connection reset by peer"

Marvin Rhoads · ‎08-13-2017

Has it ever worked?

If not, do you have an active 3DES-AES license? Have you created an RSA key on the ASA and allowed the source address (or subnet) of the client you are using?

If so, what has changed?f

Future Group Network · ‎08-13-2017

Dear Marvin,

Yes it was working earlier .

can we get the steps to re0configure SSH.ASA model is 5545.

Marvin Rhoads · ‎08-13-2017

Please first share the output of the following via console:

sh ver | i AES
show ssh

Future Group Network · ‎08-16-2017

Dear Marvin,

Please find the below output and help us.

FG-POC-ASA-1/act/pri# sh version | include AES
Encryption-3DES-AES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
FG-POC-ASA-1/act/pri# sho
FG-POC-ASA-1/act/pri# show ssh
ssh secure copy : ENABLED
Timeout: 5 minutes
Versions allowed: 1 and 2
0.0.0.0 0.0.0.0 INSIDE

Marvin Rhoads · ‎08-16-2017

Try generating a new key. Run the following from config mode:

crypto key gen rsa mod 2048

It's also a good idea to restrict ssh to v2:

ssh version 2

Cisco ASA 5545