Solved: SSH access to PIX

hermann.pees · ‎10-02-2002

Hello ,

i have a PIX 515 . I have configure SSH access to the outside interface. But if i login the access rejected with the error.

Invalid message type

I have configure a username password with all privileg . The actualy Siftware is the Version 6.2 .

The access with PDM works fine.

anybody an idea ?

thanks

rgreville · ‎10-04-2002

First of all you need todo the foillowing

hostname XXXXXXXX

Domain-name XXXXXXXX

passwd XXXXXXX (this is the password used to authenticate Telnet / SSH)

Then you will need to create a RSA key pair

ca generate rsa key 512 (check this command you can mess around with the encryption levels ie 512 or 1204)

Allow Hosts/Networks to ssh to your PIX

ssh #ip address or network# #subnet mask# #interface#

EG

If my external IP address my 1.1.1.1 and I needed to acess your pix you would have to enter the following command

ssh 1.1.1.1 255.255.255.255 outside

If you get prompted for a username try pix, I use scrt very good terminal software.

Thanks

RG

View solution in original post

steve.barlow · ‎10-02-2002

Have you entered all these commands on the PIX:

ssh x.x.x.x 255.255.255.255 outside

ssh timeout x

hostname pix

domain-name example.com

ca generate rsa key 1024

If yes, what is your SSH client version, should be 1.x (I use 1.5 and it works).

Hope it helps.

Steve

steve.barlow · ‎10-02-2002

From cisco:

Invalid message type: The PIX Firewall received a non-SSH message, or an unsupported or unwanted SSH message.

Action: Check whether the peer is an SSH client. If it is a client supporting SSHv1, and this message persists, from the PIX serial console enter the debug ssh command and capture the debug messages. Then contact Cisco TAC.