cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

2393
Views
0
Helpful
2
Replies
Highlighted
Participant

Cisco 6500 Error :SSH2 1: RSA_sign: private key not found

Hi All ,

we have configured SSh on our primary and secondry core switch , SSH is working on primary Switch but we are unabme to access secondry Core switch through SSH .

Error are as under :

ov 28 09:14:15.380: SSH1: starting SSH control process

ov 28 09:14:15.380: SSH1: sent protocol version id SSH-2.0-Cisco-1.25

ov 28 09:14:15.396: SSH1: protocol version id is - SSH-2.0-PuTTY_Release_0.62

ov 28 09:14:15.396: SSH2 1: send: len 280 (includes padlen 4)

ov 28 09:14:15.400: SSH2 1: SSH2_MSG_KEXINIT sent

ov 28 09:14:15.400: SSH2 1: ssh_receive: 512 bytes received

ov 28 09:14:15.400: SSH2 1: input: packet len 640

ov 28 09:14:15.400: SSH2 1: partial packet 8, need 632, maclen 0

ov 28 09:14:15.400: SSH2 1: ssh_receive: 128 bytes received

ov 28 09:14:15.400: SSH2 1: partial packet 8, need 632, maclen 0

ov 28 09:14:15.400: SSH2 1: input: padlen 6

ov 28 09:14:15.400: SSH2 1: received packet type 20

ov 28 09:14:15.400: SSH2 1: SSH2_MSG_KEXINIT received

ov 28 09:14:15.400: SSH2: kex: client->server aes256-cbc hmac-sha1 none

ov 28 09:14:15.400: SSH2: kex: server->client aes256-cbc hmac-sha1 none

ov 28 09:14:15.424: SSH2 1: expecting SSH2_MSG_KEXDH_INIT

ov 28 09:14:15.424: SSH2 1: ssh_receive: 144 bytes received

ov 28 09:14:15.424: SSH2 1: input: packet len 144

ov 28 09:14:15.424: SSH2 1: partial packet 8, need 136, maclen 0

ov 28 09:14:15.424: SSH2 1: input: padlen 5

ov 28 09:14:15.424: SSH2 1: received packet type 30

ov 28 09:14:15.424: SSH2 1: SSH2_MSG_KEXDH_INIT received

ov 28 09:14:15.452: SSH2 1: RSA_sign: private key not found

ov 28 09:14:15.452: SSH2 1: signature creation failed, status -1

ov 28 09:14:15.552: SSH1: Session disconnected - error 0x00

please advise .

2 REPLIES 2
Contributor

Re: Cisco 6500 Error :SSH2 1: RSA_sign: private key not found


Regenerate the keys:

Conf t
Crypto key rsa generate modulus 1024
Ip ssh version 2
End
Wr
!


You should check the ssh v2 server support too with the Cisco IOS feature navigator on Cisco.com


Hath
Alessio
Sent from Cisco Technical Support iPad App

Hello,

Hello,

I understand it's too late to answer to requester, but for future reference: those symptoms exactly correspond to https://tools.cisco.com/bugsearch/bug/CSCtc41114/

Try re-creating new RSA keys with non-standard label.

Also if after zeroizing existing keys SSH won't put itself into disabled state, wait for some time prior to generating new ones (in my case some hours waiting helped).

Or the last solution - reload switch.

Best regards,

Andrey

CreatePlease to create content
Content for Community-Ad