
C9300-48T SSH/Telnet login Issue

Nurul Islam
Level 1

Hi,

We have a new C9300-48T(Stack of 5).

I have configured SSH but not able to login using ssh...

 

When I am trying to SSH, it's showing Connection established and getting stuck, no login prompt popping up

 

SSH.png

 

You can see the above image, nothing is happening after this

Options I tried:

1. zeroize the key and regenerated (2048 bit)

2. deleted username, password and recreated

3. deleted enable secret and recreated

 

Config:

line con 0
no password
privilege level 15
exec-timeout 15 0
!
line vty 0 4
password xxxxx
exec-timeout 15 0
privilege level 15
transport input telnet ssh
enable secret xxxxxx
!
line vty 5 15
no password
exec-timeout 15 0
privilege level 15
transport input telnet ssh

===========================

Tried with below config as well:

line vty 0 4
password xxxxx
login local
transport input telnet ssh
!
line vty 5 15
password xxxxx
login local
transport input telnet ssh

===========================

None of these worked

Please help


balaji.bandi
Hall of Fame

Can you post the full show run config so we can look at the rest of the config, or try the simple config below to test:

 

ip domain-name cisco.com

ip ssh version 2
crypto key generate rsa general-keys modulus 2048
username bbalaji privilege 15 password mypasstest

line vty 0 15
transport input ssh
privilege level 15
login local

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help
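
An added example (not part of the original thread, and not Cisco's or the posters' code): a small Python check that reads `line vty` stanzas from a pasted config and lists where they differ from the test config suggested in the reply above (`transport input ssh`, `login local`), and whether the line ranges are configured differently from each other. The sample is constructed from the vty lines in the question (abridged); `parse_vty` and `audit_vty` are hypothetical names.

```python
import re

# Constructed sample: vty stanzas from the question (abridged), unindented as pasted.
SAMPLE = """\
line vty 0 4
password xxxxx
privilege level 15
transport input telnet ssh
!
line vty 5 15
no password
privilege level 15
transport input telnet ssh
"""

def parse_vty(config):
    """Return {(first, last): [commands]} for every 'line vty' stanza.
    A stanza ends at '!' or the next 'line ...' header, so unindented pastes work."""
    stanzas, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        m = re.fullmatch(r"line vty (\d+)(?: (\d+))?", line)
        if m:
            first = int(m.group(1))
            current = stanzas.setdefault((first, int(m.group(2) or first)), [])
        elif line == "!" or line.startswith("line "):
            current = None
        elif line and current is not None:
            current.append(line)
    return stanzas

def audit_vty(config):
    """Compare each stanza with the baseline (SSH only, 'login local')."""
    stanzas, findings = parse_vty(config), []
    for (first, last), cmds in sorted(stanzas.items()):
        name = f"vty {first} {last}"
        transport = [c.split()[2:] for c in cmds if c.startswith("transport input ")]
        if not transport or transport[-1] != ["ssh"]:
            shown = " ".join(transport[-1]) if transport else "unset"
            findings.append((name, f"transport input: {shown} (baseline: ssh)"))
        if "login local" not in cmds:
            findings.append((name, "'login local' missing"))
    if len({tuple(sorted(c)) for c in stanzas.values()}) > 1:
        findings.append(("vty", "stanzas differ between line ranges"))
    return findings

if __name__ == "__main__":
    for where, what in audit_vty(SAMPLE):
        print(f"{where}: {what}")
```

On the question's config it reports Telnet still allowed on both ranges, no `login local`, and a mismatch between vty 0 4 and vty 5 15; the reply's `line vty 0 15` stanza produces no findings.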

Removing config

One more thing wanted to let you know that, we are replacing old core switch(45k) with this one(C-9300), and haven't configured it yet, so we just wanted internet connection into this new switch so that we can activate smart license.

 

So I have attached one port(trunk) from new core to the old core(still in production) and provided ip from one of the vlan,

We got internet connectivity but my manager wants to log in to it from a different location using ssh...

I do not see SSH configuration here in your show run (or am I missing something here?).

Can you post the show ip ssh output?

You can try telnet if that is open in your network for incoming connections.

How are you trying to log in to this device? From another Cisco device, from Linux, or from any SSH client?

 

BB


ssh <ip>

 

What do I need to do? Please let me know.

Configure the config below:

 

ip domain-name cisco.com

ip ssh version 2
crypto key generate rsa general-keys modulus 2048
username bbalaji privilege 15 password mypasstest

line vty 0 15
transport input ssh
privilege level 15
login local

 

Tell us what SSH client you are using to connect.

How are you trying to log in to this device? From another Cisco device, from Linux, or from any SSH client?

 

BB


I have console connection to this device(C-9300)

Using X-Shell to log in to the device

Removing Config

Using X-Shell to log in to the device - is this client installed on a Windows PC?

Do you have PuTTY or any other client to test?

BB


Yes, X-Shell & PuTTY are both installed on the Windows workstation.

Just now tried with PuTTY but no luck.. same, getting stuck with Connection Established message

I am glad to see the output of show ip ssh. It does confirm that ssh is configured and should be running. It shows that it is restricted to ssh version 2. I am not surprised that there is not much in the running config that shows ssh, but I am surprised that the restriction to version 2 does not show up. Are we sure that the client being used for testing is using ssh version 2? Perhaps testing with a different client might be something to try?

 

The posted config does show that ssh is enabled and that telnet is disabled. So testing with telnet is no longer an option.

 

I see this in the output and wonder if the issue might relate to the key size

Minimum expected Diffie Hellman key size : 2048 bits

 

I am very interested in this message that showed up

WARNING! The remote SSH server rejected X11 forwarding request.

Which does make me wonder if the issue is something about the client attempting to initiate the ssh connection. I would suggest that perhaps the next step would be to verify that logging is configured and working as expected, make sure that logging level is set to debug, and then run debug ip ssh, attempt the ssh connection, and post any debug output.

HTH

Rick

Hi Richard,

I have enabled debug for ssh & icmp, but when I am trying to ssh or ping the IP, I don't see any debug message in the device console..

And just now enabled telnet as well, but not working

removing config

Thanks for the additional information. If you are connected via the console I am surprised that you needed terminal monitor to see debug output. I would expect to need terminal monitor if you were connecting via telnet or SSH. 

 

The output does confirm that there is some problem about SSH

*Jun 7 21:52:27.598: SSH2 1: SSH ERROR closing the connection
*Jun 7 21:52:27.598: SSH1: receive failure - status 0x03

Unfortunately I have no information about what status 0x03 means. If this switch is covered by a maintenance agreement I would suggest that you open a case with Cisco TAC. They would have information about what that error means.

HTH

Rick