new switch setup , ssh access

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2019 07:53 AM
i have setup a new cisco 2960-x switch but having some trouble setting up ssh access.
when i try and connect using putty it asks for username and password but keeps saying access denied every time.
i must not be linking my username to the ssh login correctly.
its just a local account
can anyone help me sort this out?
currently i can only login using console cable .
- Labels:
-
Catalyst 2000
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2019 08:10 AM
is login local enabled under the VTY , SSH is fully up , show ip ssh shows it enabled yes
username x secret xxxxx
line vty 0 4
login local

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2019 10:16 AM
SSH Enabled - version 1.99
Authentication methods:publickey,keyboard-interactive,password
Authentication Publickey Algorithms:x509v3-ssh-rsa,ssh-rsa
Hostkey Algorithms:x509v3-ssh-rsa,ssh-rsa
Encryption Algorithms:aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
MAC Algorithms:hmac-sha1,hmac-sha1-96
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded): TP-self-signed-3049213952
%SSH: Failed to encode IOS ASN.1 to SECSH format
CISCO2960stk#
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2019 11:27 AM
here is test config : ( change domain and user name as per requirement)
#conf t
ip domain-name bbandi.com
crypto key generate rsa
2048
ip ssh version 2
line vty 0 4
transport input ssh
login local
username bbandi bbandi
if still issue can you post show version also.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2019 12:22 PM
that alert is an ssh mismatch versions between client and server,re-enable the ssh config as per balajis post if that doesnt resolve check your local device what the terminal is set to whether putty or terra etc whatever your using and make sure its v2 ssh as well , if its still causing issue after thats all confirmed could be something in the ios
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2019 04:10 PM
Hello
Just like to add - Try removing rsa key and recreating ssh using ver 2 then test again
conf t
crypto key zerosize
crypto key generate rsa label SSH general-keys modulus 2048
ip ssh ver 2
ip ssh source-interface xxxxx
(note: using label no need to define an ip domain name)
Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.
Kind Regards
Paul
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2019 10:59 PM
Hi,
I agree with @paul driver and @Mark Malone Just reset the Certificate and enable SSH again:
Also, try with SSH version 2 then try as:
ip ssh version 2
Currently, you are working over the default version of SSH.
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
