cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1972
Views
0
Helpful
6
Replies

new switch setup , ssh access

nflnetwork
Level 1
Level 1

i have setup a new cisco 2960-x switch but having some trouble setting up ssh access. 

 

when i try and connect using putty it asks for username and password but keeps saying access denied every time. 

i must not be linking my username to the ssh login correctly. 

its just a local account 

can anyone help me sort this out?

currently i can only login using console cable . 

6 Replies 6

Mark Malone
VIP Alumni
VIP Alumni
Hi
is login local enabled under the VTY , SSH is fully up , show ip ssh shows it enabled yes
username x secret xxxxx
line vty 0 4
login local

nflnetwork
Level 1
Level 1
CISCO2960stk#show ip ssh
SSH Enabled - version 1.99
Authentication methods:publickey,keyboard-interactive,password
Authentication Publickey Algorithms:x509v3-ssh-rsa,ssh-rsa
Hostkey Algorithms:x509v3-ssh-rsa,ssh-rsa
Encryption Algorithms:aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
MAC Algorithms:hmac-sha1,hmac-sha1-96
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded): TP-self-signed-3049213952
%SSH: Failed to encode IOS ASN.1 to SECSH format
CISCO2960stk#
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block
Apr 10 17:15:39.552: SSH-1: Not an SSH session connection block

here is test config :  ( change domain and user name as per requirement)

 

#conf t
ip domain-name bbandi.com 
crypto key generate rsa
2048


ip ssh version 2
line vty 0 4
transport input ssh

login local

username bbandi bbandi

 

if still issue can you post show version  also.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

SSH-1: Not an SSH session connection block ,

that alert is an ssh mismatch versions between client and server,re-enable the ssh config as per balajis post if that doesnt resolve check your local device what the terminal is set to whether putty or terra etc whatever your using and make sure its v2 ssh as well , if its still causing issue after thats all confirmed could be something in the ios

Hello
Just like to add - Try removing rsa key and recreating ssh using ver 2 then test again

conf t

crypto key zerosize
crypto key generate rsa label SSH general-keys modulus 2048
ip ssh ver 2
ip ssh source-interface xxxxx

 

(note: using label no need to define an ip domain name)

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hi,

I agree with @paul driver  and @Mark Malone Just reset the Certificate and enable SSH again:

Also, try with SSH version 2 then try as:

 ip ssh version 2

Currently, you are working over the default version of SSH.

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
Review Cisco Networking for a $25 gift card