06-14-2016 04:41 AM
Hi everyone,
This system is running since about 2 years without problems (3x stackables switches) and suddendly we cannot access it with ssh.
I've upgraded it to this last version : c3750e-ipbasek9-mz.150-2.SE9.bin.
After the upgrade and reboot this issue remains present and I don't know at all what could be the problem?
Switches:
---------------
Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 54 WS-C3750X-48P 15.0(2)SE9 C3750E-IPBASEK9-M
2 54 WS-C3750X-48P 15.0(2)SE9 C3750E-IPBASEK9-M
3 54 WS-C3750X-48 15.0(2)SE9 C3750E-IPBASEK9-M
Issue:
---------------
$ ssh -l admin xxxxxxx
bash: connect: Connection refused
bash: /dev/tcp/xxxxxxx/22: Connection refused
bash: 3: Bad file descriptor
bash: 3: Bad file descriptor
bash: line 0: kill: (15411) - No such process
ssh_exchange_identification: Connection closed by remote host
Could someone has an ideas? or know what is the problem?
Thank you for your help
Best regards,
J.
Solved! Go to Solution.
06-15-2016 01:10 PM
Have you issued the commands below? With the ip domain-name command, use whatever domain name your production switches use. With the crypto key generate rsa, when asked for the length of the key you may put 1024. If there was already an rsa key generated, try to remove it by issuing the command crypto key zeroize rsa then generate a new one.
ip domain-name example.com
crypto key generate rsa
ip ssh version 2
On the line vty, make sure you have login local or password set if you don't use tacacs. With the way you are logging in remotely through ssh is not from a terminal emulator like putty or secure crt and I don't know if it matters, but check if you have the option to specify version 2. For example if I want to ssh from a Cisco switch to another switch that is set to accept ssh version 2, I will issue the command ssh -l [username] -v 2 [remote switch ip address]
HTH
***Please rate and mark the comment correct if you find it helpful. Thanks.***
06-14-2016 06:02 AM
blankguy7,
The "connection refused" on the output could mean anything. Like command transport input ssh is probably not set on line vty and just telnet. It could also be the switch is configured for a specific ssh version and you need to specify that ssh version when trying to remote in to the switch.
Can you please provide the running configuration of the switch or the ssh AND line vty configuration?
Thanks.
HTH
***Please rate and mark the comment correct if you find it helpful. Thanks.***
06-15-2016 04:38 AM
This problem occurred suddenly. Before everything worked well...
Here's the ssh configuration:
#show run | inc ssh
ip ssh time-out 60
ip ssh version 2
privilege exec level 15 ssh
transport input ssh
transport input ssh
[...]
line vty 0 4
access-class 50 in
exec-timeout 15 0
transport input ssh
transport output none
line vty 5 15
access-class 50 in
exec-timeout 15 0
transport input ssh
transport output none
!
ntp server 192.168.0.30
ntp server 192.168.0.221
end
But.... strange :
# show ssh
%No SSHv2 server connections running.
%No SSHv1 server connections running.
Best regards,
J.
06-15-2016 01:10 PM
Have you issued the commands below? With the ip domain-name command, use whatever domain name your production switches use. With the crypto key generate rsa, when asked for the length of the key you may put 1024. If there was already an rsa key generated, try to remove it by issuing the command crypto key zeroize rsa then generate a new one.
ip domain-name example.com
crypto key generate rsa
ip ssh version 2
On the line vty, make sure you have login local or password set if you don't use tacacs. With the way you are logging in remotely through ssh is not from a terminal emulator like putty or secure crt and I don't know if it matters, but check if you have the option to specify version 2. For example if I want to ssh from a Cisco switch to another switch that is set to accept ssh version 2, I will issue the command ssh -l [username] -v 2 [remote switch ip address]
HTH
***Please rate and mark the comment correct if you find it helpful. Thanks.***
06-16-2016 01:36 AM
I've installed again and it is now running.
Thanks a lot and have a nice day ;)
06-16-2016 04:31 AM
Good to hear that the issue is resolved now.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide