Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
52166
Views
12
Helpful
6
Replies

Unable to ssh

sbrooks011
Level 1
Level 1

‎03-10-2016 04:08 AM - edited ‎03-05-2019 03:32 AM

Hi,

Can anybody help me with this.

I can remotely get to a customer router, but i'm unable to ssh on to the switch....The message I get is: [Connection to xxx.xxx.x.x aborted: error status 0]

4 people had this problem
Labels:
0 Helpful
6 Replies 6

mvsheik123
Level 7
Level 7

‎02-05-2018 05:55 PM

Hi,

 

Check below posting.

 

https://supportforums.cisco.com/t5/wan-routing-and-switching/issue-ssh/td-p/1205236

 

hth

MS

0 Helpful

Moses Fernandes
Level 1
Level 1

‎02-06-2018 03:02 AM

Hello,

Check the following things.

1) are you able to ssh into the devices locally (from within the LAN).
2) Check the SSH configuration on switch.
3) ACL (on all the devices involved)
4) check zones/security settings (firewall).
.
.
...... finally Dont forget to confirm that the target device is powered on and connected properly (including VLANs/interface up/up). LOL.
Regards,
Moses.
0 Helpful

jdjmoncivais
Level 1
Level 1

‎07-05-2019 04:54 AM

Your issue more than likely is ssh strict host key checking is enabled.

 

Check your ssh configuration for this command:

ip ssh stricthostkeycheck

 

If it's in your configuration, you have two options:

1. enable the ip ssh pubkey-chain command: 

ip ssh pubkey-chain

 

2. Disable strict host key checking

no ip ssh stricthostkeycheck

 

In your case, I would try option 2.

 

Good Luck!

 

karthi.venkatesan@sifycorp.com
Level 1
Level 1
In response to jdjmoncivais

‎10-16-2019 12:33 AM

Hi All,

 

The reason for the issue is encryption mismatch, check both SSH output in the command SH SSH and check the encryption method which is used, based on that you can change in one end to establish the SSH connectivity.

 

#show ssh - To check the output

 

(config)# IP ssh server algorithm encryption aes256-cbc aes128-cbc - To define the standard.

 

It will work...

 

Thanks...

Georg Pauwen
VIP
VIP

‎10-16-2019 02:19 AM

Hello,

 

try:

 

ssh -l username x.x.x.x

 

If that doesn't work, zeroize and recreate the rsa key:

 

crypto key zeroize rsa

crypto key generate rsa 1024

 

and try again (without and with the username)...

0 Helpful

paul driver
VIP
VIP

‎10-16-2019 08:26 AM

Hello

1) Does that rtr allow you to initiate SSH, Check vty lines config for - transport output XXX  on rtr and the reverse input on the switch

2) check for access lists negating egress or ingress ssh on the rtr and switch again on vty lines
3) check that ssh is enabled on the switch and if it is then as suggested by others it could be worth zero size the crypto key and regenerating a new one.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card