I could blame it on the late hour, but the truth of the matter is that I’m just a bonehead.
I’m currently installing a new Cisco ASA 5520 to replace an old Cisco PIX. This new device is going to use SSH and TACACS+ to make sure all the users are logging in securely.
I’ve cutover to the new device and everything is going smoothly on the firewall front. The firewall is blocking the bad stuff and letting the good stuff come through. Even the VPN peers are all up and working (well, after adding a few misplaced tunnel-group statements).
But, for some reason, every time I try to SSH into the device, I get
ssh_exchange_identification: Connection closed by remote hostHoly mackerel! What’s causing this bologna?
After poking and pondering for a while, it dawned on me that absolutely nothing was wrong with the config. Unfortunately, I’d forgotten to generate the SSH keys.
Oops.
That problem was quickly resolved with
crypto key generate rsa modulus 1024Let that be a lesson to you.
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!
January 27th, 2008 at 4:21 pm
Thanks for the tip….came in handy
January 27th, 2008 at 5:51 pm
Glad I could help, Greg!
February 18th, 2008 at 3:13 pm
Most helpful … the other two steps to the puzzle are this:
config aaa authentication ssh console LOCAL
config username XXXXX password XXXXX priv 15
and don’t forget
write memory all
so it’s there after a reboot.
Cheers
Dave
August 12th, 2008 at 8:27 am
I had the same problem. and thanks to this post, it took less time to solve.
August 20th, 2008 at 9:02 am
@abbec -
Thanks for the comment. I’m glad I could help!
October 20th, 2008 at 1:32 pm
Thanks so much, was bangin my head on this one.