Troubleshooting SSH
At times you will need to troubleshoot the reason that the SSH connection is
failing. In this case, use the debug ssh command on the PIX. The debug output on
PIX is fairly easy to understand and can be read without much trouble.
Figure 6.12 shows the output of the debug ssh command for a successful SSH
connection.
Figure 6.12 An Example of a Successful SSH Connection
152: SSH: Device opened successfully.
153: SSH: host key initialised
154: SSH0: SSH client: IP = '192.168.50.7' interface # = 1
155: SSH0: starting SSH control process
156: SSH0: Exchanging versions - SSH-1.5-Cisco-1.25
157: SSH0: send SSH message: outdata is NULL
www.syngress.com
Figure 6.11 Editing the Tera Term Shortcut
312 Chapter 6 • Configuring System Management
158: SSH0: receive SSH message: 83 (83)
159: SSH0: client version is - SSH-1.5-TTSSH/1.5.4 Win32
160: SSH0: begin server key generation
161: SSH0: complete server key generation, elapsed time = 4170 ms
162: SSH0: declare what cipher(s) we support: 0x00 0x00 0x00 0x04
163: SSH0: send SSH message: SSH_SMSG_PUBLIC_KEY (2)
164: SSH0: SSH_SMSG_PUBLIC_KEY message sent
165: SSH0: receive SSH message: SSH_CMSG_SESSION_KEY (3)
166: SSH0: SSH_CMSG_SESSION_KEY message received - msg type 0x03, length 272
167: SSH0: client requests DES cipher: 2
168: SSH0: send SSH message: SSH_SMSG_SUCCESS (14)
169: SSH0: keys exchanged and encryption on
170: SSH0: receive SSH message: SSH_CMSG_USER (4)
171: SSH0: authentication request for userid PIX
172: SSH(PIX): user authen method is 'no AAA', aaa server group ID = 0
173: SSH0: send SSH message: SSH_SMSG_FAILURE (15)
174: SSH0: receive SSH message: SSH_CMSG_AUTH_PASSWORD (9)
175: SSH0: send SSH message: SSH_SMSG_SUCCESS (14)
176: SSH0: authentication successful for PIX
177: SSH0: receive SSH message: SSH_CMSG_REQUEST_PTY (10)
178: SSH0: send SSH message: SSH_SMSG_SUCCESS (14)
179: SSH0: receive SSH message: SSH_CMSG_EXEC_SHELL (12)
180: SSH0: starting exec shell
Figure 6.13 shows an example of an incorrect username. The Cisco PIX firewall
will reject the login even if the password is correct.
Figure 6.13 An Example of an Incorrect User Name
184: SSH: Device opened successfully.
185: SSH: host key initialised
186: SSH0: SSH client: IP = '192.168.50.7' interface # = 1
187: SSH0: starting SSH control process
188: SSH0: Exchanging versions - SSH-1.5-Cisco-1.25
189: SSH0: send SSH message: outdata is NULL
190: SSH0: receive SSH message: 83 (83)
191: SSH0: client version is - SSH-1.5-TTSSH/1.5.4 Win32
192: SSH0: begin server key generation
193: SSH0: complete server key generation, elapsed time = 7090 ms
194: SSH0: declare what cipher(s) we support: 0x00 0x00 0x00 0x04
195: SSH0: send SSH message: SSH_SMSG_PUBLIC_KEY (2)
196: SSH0: SSH_SMSG_PUBLIC_KEY message sent
197: SSH0: receive SSH message: SSH_CMSG_SESSION_KEY (3)
198: SSH0: SSH_CMSG_SESSION_KEY message received - msg type 0x03, length 272
199: SSH0: client requests DES cipher: 2
200: SSH0: send SSH message: SSH_SMSG_SUCCESS (14)
201: SSH0: keys exchanged and encryption on
202: SSH0: receive SSH message: SSH_CMSG_USER (4)
203: SSH0: authentication request for userid badname
204: SSH(badname): user authen method is 'no AAA', aaa server group ID = 0
205: SSH0: invalid userid badname
206: SSH0: send SSH message: SSH_SMSG_FAILURE (15)
207: SSH0: receive SSH message: SSH_CMSG_AUTH_PASSWORD (9)
208: SSH0: send SSH message: SSH_SMSG_FAILURE (15)
209: SSH0: receive SSH message: SSH_MSG_DISCONNECT (1)
210: SSH0: authentication failed for badname
211: SSH0: Session disconnected by SSH server - error 0x36 "Reset by client"
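SSH_SMSG_FAILURE (15) appears in both figures, so a log check cannot treat that message alone as a failed login; only the reply to SSH_CMSG_AUTH_PASSWORD decides the outcome. The Python sketch below is an added example, not part of the original chapter or of any Cisco tool; the function name summarize and the sample lines (built in the format of Figures 6.12 and 6.13) are constructed for illustration.

```python
import re

# Constructed sample in the format of Figures 6.12 and 6.13: a good login,
# then a bad one reusing slot SSH0. Addresses and names come from the figures.
SAMPLE = """\
154: SSH0: SSH client: IP = '192.168.50.7' interface # = 1
156: SSH0: Exchanging versions - SSH-1.5-Cisco-1.25
167: SSH0: client requests DES cipher: 2
170: SSH0: receive SSH message: SSH_CMSG_USER (4)
171: SSH0: authentication request for userid PIX
173: SSH0: send SSH message: SSH_SMSG_FAILURE (15)
174: SSH0: receive SSH message: SSH_CMSG_AUTH_PASSWORD (9)
175: SSH0: send SSH message: SSH_SMSG_SUCCESS (14)
186: SSH0: SSH client: IP = '192.168.50.7' interface # = 1
202: SSH0: receive SSH message: SSH_CMSG_USER (4)
205: SSH0: invalid userid badname
206: SSH0: send SSH message: SSH_SMSG_FAILURE (15)
207: SSH0: receive SSH message: SSH_CMSG_AUTH_PASSWORD (9)
208: SSH0: send SSH message: SSH_SMSG_FAILURE (15)
"""

LINE = re.compile(r"^\d+:\s+(SSH\d+):\s+(.*)$")
FIELDS = {"ip": r"SSH client: IP = '([^']+)'", "proto": r"versions - SSH-([\d.]+)",
          "cipher": r"requests (\S+) cipher", "user": r"userid (\S+)"}

def summarize(text):
    """Return one record per SSH session found in PIX 'debug ssh' text."""
    done, live = [], {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue                      # global or wrapped lines
        slot, msg = m.groups()
        if "SSH client: IP" in msg or slot not in live:   # slots are reused
            live[slot] = {"slot": slot, "result": "incomplete", "bad_user": False}
            done.append(live[slot])
        rec = live[slot]
        for key, pat in FIELDS.items():
            if hit := re.search(pat, msg):
                rec[key] = hit.group(1)
        rec["bad_user"] |= "invalid userid" in msg
        name = re.search(r"SSH_[CS]MSG_\w+", msg)
        if name and name.group().startswith("SSH_CMSG"):
            rec["last_client"] = name.group()
        elif name and rec.get("last_client") == "SSH_CMSG_AUTH_PASSWORD":
            # The FAILURE sent after SSH_CMSG_USER only means "password required".
            rec["result"] = "ok" if name.group() == "SSH_SMSG_SUCCESS" else "failed"
    return done
```

Each record also carries the negotiated protocol version and cipher, which makes sessions still using SSH 1.5 with DES easy to list during a review.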
To see how many SSH sessions are on the PIX, use the following command:
show ssh sessions [ip_address]
The optional ip_address parameter allows you to check for SSH sessions from
a particular IP address. An example of the results of using this command follows:
PIX1# show ssh sessions
Session ID  Client IP      Version  Encryption  State  Username
1           192.168.50.8   1.5      DES         6      pix
To disconnect a specific SSH session, use this command:
ssh disconnect session_id
For example:
PIX1(config)# ssh disconnect 0
The session_id parameter specifies the number associated with the SSH session
that is shown by using the show ssh sessions command.
To remove all SSH configuration statements from the Cisco PIX, use this
command:
PIX1(config)# clear ssh