I'm getting the following error in CUCM when attempting to edit a device after we updated from 11.x to 12.x
Update failed. SSH Password is not valid. SSH Password is an encrypted value containing up to 288 hexadecimal characters (0-9 and A-F)
I'm still digging around but I feel like a feature/service was enabled by default after the upgrade that I need to locate and disable?
The field is available, however, no matter what is entered it won't seem to accept the changes. I can't ever recall needing to edit/adjust that field previously; and it seems some phones have info filled in and other don't.
Updating: Realized that there's a patch available that potentially resolves this issue, hopefully: 188.8.131.5200-7
The Bug status says its fixed with the code incorporated in the following versions:
No sure about other versions you mentioned here but I had similar issue on CUCM version 184.108.40.20600-22. Cisco TAC provided following workaround:
In order to identify all devices with the non-hexadecimal value, run the following query:
run sql select name , sshpassword from device
Filter devices to identify the password issue or you can confirm the password on the affected devices with query:
run sql select name , sshpassword from device where name="MAC_add"
+++ Do Not Change "MAC_add" +++
After identifying all affected devices, apply the following query to blank the ssh password:
run sql update device set sshpassword='' where name='SEPMAC_OF_IP_Phone'
+++ Change 'SEPMAC_OF_IP_Phone' to IP Phone Device Name i.e. 'SEP00AABBCCDD' +++
If you want to blank the ssh password on all devices, run the following query:
run sql update device set sshpassword='' where name like 'SEP%'
I happened upon this while researching the same problem.
What I found was that I couldn't update any devices which had a SSH password assigned without a SSH UserID.
I found this by querying the database directly.
admin:run sql select name,sshpassword,sshuserid from device where sshpassword <> "" and sshuserid = ""
name sshpassword sshuserid
=============== ============ =========
When querying the device in /ccmadmin the password didn't seem to show up.
After running an update on the database, again via sql to blank out the ssh password, I was able to update the devices again.
admin:run sql update device set sshpassword = '' where name = "SEP1CDEA78334C0"
I updated individually as I don't like running generic updates on the device table, but you could summarize to do it all in 1 sql statement.
Hope this helps.