09-04-2012 11:21 AM - edited 03-11-2019 04:49 PM
Hello All,
I have a problem with my ssh access.
I have two interfaces, 172.17.5.250 = Outside, security Level 0
10.11.3.2 = Inside, security Level 1
I can access by ssh using Outside
I can not access by ssh using Inside. I receive this message in my prompt:
ssh user@10.11.3.2
Selected cipher type <unknown> not supported by server.
I tried with ssh -1 and ssh -2. Not works.
I have ssh allowed for this source network. SSH version 1&2.
I tried:
ASA(config)#crypto key zeroize rsa
Issue this command in order to generate the new key:
ASA(config)# crypto key generate rsa modulus 1024
But no success
Cisco 8.2(12)2
Thanks
09-05-2012 04:17 AM
Hi Jullio...
Follow..
FW(config)# crypto key zeroize rsa
WARNING: All RSA keys will be removed.
WARNING: All device digital certificates issued using these keys will also be removed.
Do you really want to remove these keys? [yes/no]: yes
and now? generate new?
09-05-2012 05:06 AM
I generated... but, no way
09-05-2012 09:27 AM
Hello Diego,
Do you still get the same log from the client?
What logs are being showed by the ASA?
Regards,
Julio
09-05-2012 09:55 AM
So..
FWINTERNO# debug ssh
debug ssh enabled at level 1
FW# Device ssh opened successfully.
SSH1: SSH client: IP = '172.19.4.121' interface # = 2
SSH: host key initialised
SSH1: starting SSH control process
SSH1: Exchanging versions - SSH-1.5-Cisco-1.25
SSH1: send SSH message: outdata is NULL
server version string:SSH-1.5-Cisco-1.25SSH1: receive SSH message: 83 (83)
SSH1: client version is - SSH-1.5-OpenSSH_4.3
client version string:SSH-1.5-OpenSSH_4.3SSH1: begin server key generation
SSH1: complete server key generation, elapsed time = 910 ms
SSH1: declare what cipher(s) we support:
00 0x00 0x00 0x04 0xSSH1: send SSH message: SSH_SMSG_PUBLIC_KEY (2)
SSH1: SSH_SMSG_PUBLIC_KEY message sent
SSH1: receive SSH message: [no message ID: variable *data is NULL]
SSH1: Session disconnected by SSH server - error 0x00 "Internal error"
SSH0: receive SSH message: SSH_CMSG_WINDOW_SIZE (11)
09-05-2012 01:57 PM
And now?
Any idea???
09-05-2012 02:20 PM
Hello Diego,
Hmm provide the following:
Show version
Show run ssl
sh crypto key mypubkey rsa
Regards,
Julio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide