I could blame it on the late hour, but the truth of the matter is that I'm just a bonehead.

I'm currently installing a new Cisco ASA 5520 to replace an old Cisco PIX. This new device is going to use <acronym title="Secure SHell">SSH</acronym> and TACACS+ to make sure all the users are logging in securely.

I've cutover to the new device and everything is going smoothly on the firewall front. The firewall is blocking the bad stuff and letting the good stuff come through. Even the <acronym title="Virtual Private Network">VPN</acronym> peers are all up and working (well, after adding a few misplaced tunnel-group statements).

But, for some reason, every time I try to SSH into the device, I get

ssh_exchange_identification: Connection closed by remote host

Holy mackerel! What's causing this bologna?

After poking and pondering for a while, it dawned on me that absolutely nothing was wrong with the config. Unfortunately, I'd forgotten to generate the SSH keys.

Oops.

That problem was quickly resolved with

crypto key generate rsa modulus 1024

Let that be a lesson to you.