06-27-2005 08:55 AM - edited 02-21-2020 12:14 AM
I have generated and saved a RSA Key and then set a ssh statement for my address.
Putty returns a connection refused statement. What have I missed?
06-27-2005 11:06 AM
Did you save the CA with the "ca save all" command? If not, I would check to see if you have an ACL permitting the connection to the PIX.
06-27-2005 06:47 PM
Most flavors of PIX IOS only support SSH version 1.
Try it as SSH version 1 with 3DES (or DES if that's all your license permits).
If you do a 'sh ver' it will give you your license restrictions.
Good Luck
Scott
06-28-2005 08:23 PM
Just like the other reply mentioned, "ca save all" will save the RSA Key information, a "write memory" will not. Upon reboot, if this command wasn't specified, you will be unable to gain access with SSH. Also, if you change the domain name/host name of the device, this will also cause your SSH sessions to not work. The RSA Key is bound to your domain name you specify.
06-30-2005 03:15 AM
With my experiance, it's been that you're using DES (Putty defaults to 3DES I think). If you go to the ssh category in the Putty config you can move DES up above the "warn below here" line. Or the "ca save all" wasn't issued and you lost the key on reboot. It could be an accesslist somewhere else in the configuration also. Have you tried to capture the packets and see if they're in fact getting to the machine?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide