cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1889
Views
0
Helpful
2
Replies

Sh ssh session on ASA

mahesh18
Frequent Contributor
Frequent Contributor

Hi Everyone,

When i have no ssh connection to ASA  i do

sh ssh sessions it shows blank that is ok.

When i ssh to ASA  from outside interface i ran the command

ciscoasa# sh ssh sessions

SID Client IP       Version Mode Encryption Hmac     State                     Username

0   192.168.5.2     2.0     IN       aes128-cbc sha1     SessionStarted       cisco1

                                    OUT    aes128-cbc sha1     SessionStarted       cisco1

Need to understand  when  i have only 1 ssh session to ASA  why does it show

Mode   in and out ?

encryption with 2 entries and state and username with 2 entries ?

Regards

Mahesh

1 Accepted Solution

Accepted Solutions

Julio Carvajal
Advisor
Advisor

Hello Sr,

Nice to see you around again

I would say that Cisco would explain it way better than me so here you go

The Mode column describes the direction of the SSH data streams. For SSH version 2, which can use the same or different encryption algorithms, the Mode field displays in and out. For SSH version 1, which uses the same encryption in both directions, the Mode field displays nil (`-') and allows only one entry per connection.

Examples

The following example demonstrates the output of the show ssh sessions command:

hostname# show ssh sessions

SID Client IP       Version Mode Encryption Hmac     State           Username

0   172.69.39.39    1.99    IN   aes128-cbc md5      SessionStarted  pat

                            OUT  aes128-cbc md5      SessionStarted  pat

1   172.23.56.236   1.5     -    3DES       -        SessionStarted  pat

2   172.69.39.29    1.99    IN   3des-cbc   sha1     SessionStarted  pat

                            OUT  3des-cbc   sha1     SessionStarted  pat
Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

2 Replies 2

Julio Carvajal
Advisor
Advisor

Hello Sr,

Nice to see you around again

I would say that Cisco would explain it way better than me so here you go

The Mode column describes the direction of the SSH data streams. For SSH version 2, which can use the same or different encryption algorithms, the Mode field displays in and out. For SSH version 1, which uses the same encryption in both directions, the Mode field displays nil (`-') and allows only one entry per connection.

Examples

The following example demonstrates the output of the show ssh sessions command:

hostname# show ssh sessions

SID Client IP       Version Mode Encryption Hmac     State           Username

0   172.69.39.39    1.99    IN   aes128-cbc md5      SessionStarted  pat

                            OUT  aes128-cbc md5      SessionStarted  pat

1   172.23.56.236   1.5     -    3DES       -        SessionStarted  pat

2   172.69.39.29    1.99    IN   3des-cbc   sha1     SessionStarted  pat

                            OUT  3des-cbc   sha1     SessionStarted  pat
Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Thanks again Julio

Mahesh

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers