cancel
Showing results for 
Search instead for 
Did you mean: 

ssh connection: login successful -> disconnected (ICX7150)

peer_joachim_ko
New Contributor II
Hi,
I'm trying to setup two ICX-7150. First I configure a certificate, a ssh-key and a user.
I can login using a web browser or a serial connection, but ssh fails.
A password prompt is shown, I get connected (the session prompt is shown), but the session is terminated immediately.
Any idea ?
10 REPLIES 10

BenBeck
Moderator
Moderator
SSH setup normally looks something like this:

1. Enable  SSH server

Fastiron(config)#crypto key gen

Creating key pair, please wait...

Key pair is successfully created

2. Create a user

Fastiron(config)#username Admin password admin123

3. Enable AAA

Fastiron(config)#aaa authentication login default local  <---this could be radius, tacacs, etc
Ben Beck, RCNA, RCNI, Principal Technical Support Engineer
support.ruckuswireless.com/contact-us

peer_joachim_ko
New Contributor II
Yes, that is exactly what I've done. I can login, the password is accepted, I see the prompt (so auth is working), but then the connection is terminated. From my ssh client I see:
...
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:
debug1: Authentication succeeded (keyboard-interactive).
Authenticated to 10.X.X.X ([10.X.X.X]:22).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Entering interactive session.
debug1: pledge: exec
debug2: callback start
debug2: x11_get_proto: /usr/bin/xauth  list :0 2>/dev/null
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 1
debug2: fd 4 setting TCP_NODELAY
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
debug1: Sending env LANG = de_DE.UTF-8
debug2: channel 0: request env confirm 0
debug2: channel 0: request shell confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 8192 rmax 8192
debug2: channel_input_status_confirm: type 99 id 0
debug2: X11 forwarding request accepted on channel 0
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Received disconnect from 10.X.X.X port 22:2: Service is not known
Disconnected from 10.X.X.X port 22
Any idea ?
					
				
			
			
				
			
			
				
			
			
			
			
			
			
		

BenBeck
Moderator
Moderator
Trying running 'debug ip ssh'. You will need to direct the output to your session with 'debug destination ssh/telnet/console '. Session id can be found in 'show who'
Ben Beck, RCNA, RCNI, Principal Technical Support Engineer
support.ruckuswireless.com/contact-us

peer_joachim_ko
New Contributor II
I tried it, but no messages appear ?!?

SW_A2.012#show debug
Debug message destination:  Console
Generic IP:
          SSH:  debugging is on

From show log:
Feb 20 16:07:09:I:Security: SSH terminated by admin from src IP 141.5.16.161 from src MAC 609c.9f28.94e0 from PRIVILEGED EXEC mode usin.
Feb 20 16:07:08:I:Security: SSH login by admin from src IP 141.5.16.161 from src MAC 609c.9f28.94e0 to PRIVILEGED EXEC mode using RSA a.