07-30-2015 06:30 AM - edited 03-11-2019 11:21 PM
Hi Recently I have an issue in ASA5540. Whenever I log off and log onto the asa(before enable), I get the below information. Anyone can explain it for me ? Thank you
---------------
[LOCAL] : RECV[0]: channel eof
[LOCAL] : SEND[0]: SSH_MSG_CHANNEL_EOF
[LOCAL] : Changing state from STATE_CONNECTION to STATE_TRANSPORT_STOPPING
[LOCAL] : Changing state from STATE_TRANSPORT_STOPPING to STATE_CLOSING
[LOCAL] : Changing state from STATE_CLOSING to STATE_ALMOST_CLOSED
[LOCAL] : Changing state from STATE_ALMOST_CLOSED to STATE_CLOSED
Logoff
[LOCAL] : Connected for 2214 seconds, 12087 bytes sent, 372203 bytes received
[LOCAL] : Stream has closed [CLOSE_TYPE_NONSPECIFIC] : The operation completed successfully.
[LOCAL] : SSH2Core version 7.1.0.316
[LOCAL] : Connecting to 172.31.1.2:22 ...
[LOCAL] : Changing state from STATE_NOT_CONNECTED to STATE_EXPECT_KEX_INIT
SecureCRT - Version 7.1.2 (build 316)
[LOCAL] : Using protocol SSH2
[LOCAL] : RECV : Remote Identifier = 'SSH-2.0-Cisco-1.25'
[LOCAL] : CAP : Remote can re-key
[LOCAL] : CAP : Remote sends language in password change requests
[LOCAL] : CAP : Remote sends algorithm name in PK_OK packets
[LOCAL] : CAP : Remote sends algorithm name in public key packets
[LOCAL] : CAP : Remote sends algorithm name in signatures
[LOCAL] : CAP : Remote sends error text in open failure packets
[LOCAL] : CAP : Remote sends name in service accept packets
[LOCAL] : CAP : Remote includes port number in x11 open packets
[LOCAL] : CAP : Remote uses 160 bit keys for SHA1 MAC
[LOCAL] : CAP : Remote supports new diffie-hellman group exchange messages
[LOCAL] : CAP : Remote correctly handles unknown SFTP extensions
[LOCAL] : CAP : Remote correctly encodes OID for gssapi
[LOCAL] : CAP : Remote correctly uses connected addresses in forwarded-tcpip requests
[LOCAL] : CAP : Remote can do SFTP version 4
[LOCAL] : CAP : Remote uses SHA1 hash in RSA signatures for x.509v3
[LOCAL] : CAP : Remote x.509v3 uses ASN.1 encoding for DSA signatures
[LOCAL] : CAP : Remote correctly handles zlib@openssh.com
[LOCAL] : SSPI : Requesting full delegation
[LOCAL] : SSPI : [Kerberos] SPN : host@172.31.1.2
[LOCAL] : SSPI : [Kerberos] InitializeSecurityContext() failed.
[LOCAL] : SSPI : [Kerberos] The specified target is unknown or unreachable
[LOCAL] : SSPI : [Kerberos] Disabling gss mechanism
[LOCAL] : GSS : Requesting full delegation
[LOCAL] : GSS : [Kerberos] SPN : host@172.31.1.2
[LOCAL] : GSS : [Kerberos] InitializeSecurityContext() failed.
[LOCAL] : GSS : [Kerberos] Could not load library 'gssapi32.dll': The specified module could not be found.
[LOCAL] : GSS : [Kerberos] Disabling gss mechanism
[LOCAL] : GSS : [Kerberos] Disabling gss mechanism
[LOCAL] : The following key exchange method has been filtered from the key exchange method list because it is not supported: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==
[LOCAL] : SSPI : Requesting full delegation
[LOCAL] : SSPI : [Kerberos (Group Exchange)] SPN : host@172.31.1.2
[LOCAL] : SSPI : [Kerberos (Group Exchange)] InitializeSecurityContext() failed.
[LOCAL] : SSPI : [Kerberos (Group Exchange)] The specified target is unknown or unreachable
[LOCAL] : SSPI : [Kerberos (Group Exchange)] Disabling gss mechanism
[LOCAL] : GSS : Requesting full delegation
[LOCAL] : GSS : [Kerberos (Group Exchange)] SPN : host@172.31.1.2
[LOCAL] : GSS : [Kerberos (Group Exchange)] InitializeSecurityContext() failed.
[LOCAL] : GSS : [Kerberos (Group Exchange)] Could not load library 'gssapi32.dll': The specified module could not be found.
[LOCAL] : GSS : [Kerberos (Group Exchange)] Disabling gss mechanism
[LOCAL] : GSS : [Kerberos (Group Exchange)] Disabling gss mechanism
[LOCAL] : The following key exchange method has been filtered from the key exchange method list because it is not supported: gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==
[LOCAL] : SEND : KEXINIT
[LOCAL] : RECV : Read kexinit
[LOCAL] : Available Remote Kex Methods = diffie-hellman-group1-sha1
[LOCAL] : Selected Kex Method = diffie-hellman-group1-sha1
[LOCAL] : Available Remote Host Key Algos = ssh-rsa
[LOCAL] : Selected Host Key Algo = ssh-rsa
[LOCAL] : Available Remote Send Ciphers = aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
[LOCAL] : Selected Send Cipher = aes256-cbc
[LOCAL] : Available Remote Recv Ciphers = aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
[LOCAL] : Selected Recv Cipher = aes256-cbc
[LOCAL] : Available Remote Send Macs = hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
[LOCAL] : Selected Send Mac = hmac-sha1
[LOCAL] : Available Remote Recv Macs = hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
[LOCAL] : Selected Recv Mac = hmac-sha1
[LOCAL] : Available Remote Compressors = none
[LOCAL] : Selected Compressor = none
[LOCAL] : Available Remote Decompressors = none
[LOCAL] : Selected Decompressor = none
[LOCAL] : Changing state from STATE_EXPECT_KEX_INIT to STATE_KEY_EXCHANGE
[LOCAL] : SEND : KEXDH_INIT
[LOCAL] : RECV : KEXDH_REPLY
[LOCAL] : Changing state from STATE_KEY_EXCHANGE to STATE_READY_FOR_NEW_KEYS
[LOCAL] : RECV: Remote Hostkey: d8:1d:40:b9:f2:21:4d:c3:b3:fd:99:8a:86:57:f3:07
[LOCAL] : SEND : NEWKEYS
[LOCAL] : Changing state from STATE_READY_FOR_NEW_KEYS to STATE_EXPECT_NEWKEYS
[LOCAL] : RECV : NEWKEYS
[LOCAL] : Changing state from STATE_EXPECT_NEWKEYS to STATE_CONNECTION
[LOCAL] : SEND: SERVICE_REQUEST[ssh-userauth]
[LOCAL] : RECV: SERVICE_ACCEPT[ssh-userauth] -- OK
[LOCAL] : SENT : USERAUTH_REQUEST [none]
[LOCAL] : RECV : USERAUTH_FAILURE, continuations [publickey,password]
[LOCAL] : SENT : USERAUTH_REQUEST [password]
[LOCAL] : RECV : AUTH_SUCCESS
[LOCAL] : SEND[0]: SSH_MSG_CHANNEL_OPEN('session')
[LOCAL] : SEND[0]: Pty Request (rows: 26, cols: 108)
[LOCAL] : RECV[0]: pty request succeeded
[LOCAL] : SEND[0]: shell request
[LOCAL] : RECV[0]: shell request succeeded
Type help or '?' for a list of available commands
Solved! Go to Solution.
08-03-2015 02:37 AM
Hi,
Seems to be something related to the remote SSH connection?
Is your problem that you are seeing something like this on the CLI of the ASA when you are logging in?
Is there perhaps some "debug" active on the ASA (together with some "logging" setting) perhaps that is generating these messages on the CLI?
- Jouni
08-03-2015 02:37 AM
Hi,
Seems to be something related to the remote SSH connection?
Is your problem that you are seeing something like this on the CLI of the ASA when you are logging in?
Is there perhaps some "debug" active on the ASA (together with some "logging" setting) perhaps that is generating these messages on the CLI?
- Jouni
08-03-2015 08:51 AM
Thanks for your reply. I think this is some issue related with SecureCRT. When I log onto it in anther PC, all the message disappear.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide