12-01-2012 11:24 AM - edited 03-07-2019 10:21 AM
Hi All ,
we have configured SSh on our primary and secondry core switch , SSH is working on primary Switch but we are unabme to access secondry Core switch through SSH .
Error are as under :
ov 28 09:14:15.380: SSH1: starting SSH control process
ov 28 09:14:15.380: SSH1: sent protocol version id SSH-2.0-Cisco-1.25
ov 28 09:14:15.396: SSH1: protocol version id is - SSH-2.0-PuTTY_Release_0.62
ov 28 09:14:15.396: SSH2 1: send: len 280 (includes padlen 4)
ov 28 09:14:15.400: SSH2 1: SSH2_MSG_KEXINIT sent
ov 28 09:14:15.400: SSH2 1: ssh_receive: 512 bytes received
ov 28 09:14:15.400: SSH2 1: input: packet len 640
ov 28 09:14:15.400: SSH2 1: partial packet 8, need 632, maclen 0
ov 28 09:14:15.400: SSH2 1: ssh_receive: 128 bytes received
ov 28 09:14:15.400: SSH2 1: partial packet 8, need 632, maclen 0
ov 28 09:14:15.400: SSH2 1: input: padlen 6
ov 28 09:14:15.400: SSH2 1: received packet type 20
ov 28 09:14:15.400: SSH2 1: SSH2_MSG_KEXINIT received
ov 28 09:14:15.400: SSH2: kex: client->server aes256-cbc hmac-sha1 none
ov 28 09:14:15.400: SSH2: kex: server->client aes256-cbc hmac-sha1 none
ov 28 09:14:15.424: SSH2 1: expecting SSH2_MSG_KEXDH_INIT
ov 28 09:14:15.424: SSH2 1: ssh_receive: 144 bytes received
ov 28 09:14:15.424: SSH2 1: input: packet len 144
ov 28 09:14:15.424: SSH2 1: partial packet 8, need 136, maclen 0
ov 28 09:14:15.424: SSH2 1: input: padlen 5
ov 28 09:14:15.424: SSH2 1: received packet type 30
ov 28 09:14:15.424: SSH2 1: SSH2_MSG_KEXDH_INIT received
ov 28 09:14:15.452: SSH2 1: RSA_sign: private key not found
ov 28 09:14:15.452: SSH2 1: signature creation failed, status -1
ov 28 09:14:15.552: SSH1: Session disconnected - error 0x00
please advise .
12-02-2012 06:16 AM
Regenerate the keys:
Conf t
Crypto key rsa generate modulus 1024
Ip ssh version 2
End
Wr
!
You should check the ssh v2 server support too with the Cisco IOS feature navigator on Cisco.com
Hath
Alessio
Sent from Cisco Technical Support iPad App
11-06-2015 01:55 AM
Hello,
I understand it's too late to answer to requester, but for future reference: those symptoms exactly correspond to https://tools.cisco.com/bugsearch/bug/CSCtc41114/
Try re-creating new RSA keys with non-standard label.
Also if after zeroizing existing keys SSH won't put itself into disabled state, wait for some time prior to generating new ones (in my case some hours waiting helped).
Or the last solution - reload switch.
Best regards,
Andrey
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide