Sh ssh session on ASA

mahesh18
Level 6

Hi Everyone,

When I have no SSH connection to the ASA, I do sh ssh sessions and it shows blank, which is OK.

When I SSH to the ASA from the outside interface, I ran the command

ciscoasa# sh ssh sessions

SID Client IP       Version Mode Encryption Hmac     State           Username
0   192.168.5.2     2.0     IN   aes128-cbc sha1     SessionStarted  cisco1
                            OUT  aes128-cbc sha1     SessionStarted  cisco1

Need to understand, when I have only 1 SSH session to the ASA, why does it show Mode IN and OUT?

Encryption with 2 entries, and State and Username with 2 entries?

Regards

Mahesh


Julio Carvajal
VIP Alumni

Hello Sr,

Nice to see you around again.

I would say that Cisco would explain it way better than me, so here you go:

The Mode column describes the direction of the SSH data streams. For SSH version 2, which can use the same or different encryption algorithms, the Mode field displays in and out. For SSH version 1, which uses the same encryption in both directions, the Mode field displays nil (`-') and allows only one entry per connection.

Examples

The following example demonstrates the output of the show ssh sessions command:

hostname# show ssh sessions

SID Client IP       Version Mode Encryption Hmac     State           Username
0   172.69.39.39    1.99    IN   aes128-cbc md5      SessionStarted  pat
                            OUT  aes128-cbc md5      SessionStarted  pat
1   172.23.56.236   1.5     -    3DES       -        SessionStarted  pat
2   172.69.39.29    1.99    IN   3des-cbc   sha1     SessionStarted  pat
                            OUT  3des-cbc   sha1     SessionStarted  pat

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
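
The row layout described in the answer above, as an added example (not part of the original posts or of Cisco's documentation): a Python parser that folds the IN and OUT rows back into one record per SID and lists sessions whose two directions negotiated different algorithms. The sample text is constructed and the function names are hypothetical.

```python
# Constructed sample in the column layout shown in the thread; the addresses,
# username and algorithm mix are made up for illustration.
SAMPLE = """\
hostname# show ssh sessions
SID Client IP       Version Mode Encryption Hmac     State           Username
0   192.0.2.10      2.0     IN   aes128-cbc sha1     SessionStarted  admin
                            OUT  aes128-cbc sha1     SessionStarted  admin
1   192.0.2.20      1.5     -    3DES       -        SessionStarted  admin
2   192.0.2.30      2.0     IN   aes256-ctr sha1     SessionStarted  admin
                            OUT  aes128-cbc sha1     SessionStarted  admin
"""


def parse_ssh_sessions(text):
    """Group the rows of `show ssh sessions` into one record per SID."""
    sessions, current = {}, None
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] == "SID" or "#" in fields[0]:
            continue  # blank line, column header, or echoed prompt
        if fields[0].isdigit() and len(fields) >= 8:
            # Full row: SID, client and version, then one direction's details.
            current = sessions[int(fields[0])] = {
                "client": fields[1], "version": fields[2],
                "user": fields[7], "streams": {},
            }
            fields = fields[3:]
        if current is None or len(fields) < 3:
            continue  # continuation row with no session before it, or truncated
        # Remaining fields: Mode, Encryption, Hmac, State, Username.
        # Mode is IN or OUT for SSH v2 and "-" for an SSH v1 session.
        current["streams"][fields[0]] = (fields[1], fields[2])
    return sessions


def mismatched_directions(sessions):
    """Return SIDs whose IN and OUT streams use different (cipher, HMAC) pairs."""
    return [sid for sid, s in sorted(sessions.items())
            if {"IN", "OUT"} <= s["streams"].keys()
            and s["streams"]["IN"] != s["streams"]["OUT"]]


if __name__ == "__main__":
    parsed = parse_ssh_sessions(SAMPLE)
    for sid, s in sorted(parsed.items()):
        print(sid, s["client"], s["version"], s["user"], s["streams"])
    print("directions differ for SIDs:", mismatched_directions(parsed))
```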



Thanks again Julio

Mahesh
