Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > Secure Shell

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 10-28-2008, 04:15 PM
freephk freephk is offline
Registered User
 
Join Date: Oct 2008
Posts: 1
Help need on connect using SecureCRT

I had to delete and regenerate pubkey on one of my switch. Rigth after that happened, I'm not able to ssh to the switch using Secure CRT. Is there some settings I have to change on Secure CRT?

Thanks.

Peter
Reply With Quote
  #2  
Old 10-28-2008, 05:30 PM
jjh jjh is offline
VanDyke Customer Support
 
Join Date: Feb 2004
Posts: 815
Hello Peter.

Are you referring to the Host key of the SSH server on your
switch?

If the Host key changed, you should be able to accept and
save the new one the next time you try to connect using
SecureCRT.

Would you be able to provide a debug log from the server as
well as Trace Options output from your connection attempt?

To get Trace Options output, click on File from the
SecureCRT menu and choose Trace Options. You can click on
File again to make sure there is a checkbox next to Trace
Options. The output should appear in the SecureCRT window.

Since the logs may contain information that you would not
want to post to a public forum, you can send that to
support@vandyke.com referencing this forum thread.

Thank you

JJH
Reply With Quote
  #3  
Old 11-13-2008, 08:00 AM
rosejim rosejim is offline
Registered User
 
Join Date: Nov 2007
Posts: 1
Simular issue

I am having basically the same issue. I upgraded a routers IOS and now SecureCRT will not connect, put I can connect using Putty from the same PC.

trace from SecureCRT

SecureCRT - Version 6.1.0 (build 349)
[LOCAL] : SSH2Core version 6.1.0.349
[LOCAL] : Connecting to XXX.XXX.XXX.XXX:22 ...
[LOCAL] : Changing state from STATE_NOT_CONNECTED to STATE_EXPECT_KEX_INIT
[LOCAL] : Using protocol SSH2
[LOCAL] : RECV : Remote Identifier = "SSH-2.0-Cisco-1.25"
[LOCAL] : CAP : Remote can re-key
[LOCAL] : CAP : Remote sends language in password change requests
[LOCAL] : CAP : Remote sends algorithm name in PK_OK packets
[LOCAL] : CAP : Remote sends algorithm name in public key packets
[LOCAL] : CAP : Remote sends algorithm name in signatures
[LOCAL] : CAP : Remote sends error text in open failure packets
[LOCAL] : CAP : Remote sends name in service accept packets
[LOCAL] : CAP : Remote includes port number in x11 open packets
[LOCAL] : CAP : Remote uses 160 bit keys for SHA1 MAC
[LOCAL] : CAP : Remote supports new diffie-hellman group exchange messages
[LOCAL] : CAP : Remote correctly handles unknown SFTP extensions
[LOCAL] : CAP : Remote correctly encodes OID for gssapi
[LOCAL] : CAP : Remote correctly uses connected addresses in forwarded-tcpip requests
[LOCAL] : CAP : Remote can do SFTP version 4
[LOCAL] : CAP : Remote uses SHA1 hash in RSA signatures for x.509v3
[LOCAL] : CAP : Remote x.509v3 uses ASN.1 encoding for DSA signatures
[LOCAL] : SEND : KEXINIT
[LOCAL] : RECV : Read kexinit
[LOCAL] : Available Remote Kex Methods = diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
[LOCAL] : Selected Kex Method = diffie-hellman-group-exchange-sha1
[LOCAL] : Available Remote Host Key Algos = ssh-rsa
[LOCAL] : Selected Host Key Algo = ssh-rsa
[LOCAL] : Available Remote Send Ciphers = aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
[LOCAL] : Selected Send Cipher = aes256-cbc
[LOCAL] : Available Remote Recv Ciphers = aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
[LOCAL] : Selected Recv Cipher = aes256-cbc
[LOCAL] : Available Remote Send Macs = hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
[LOCAL] : Selected Send Mac = hmac-sha1
[LOCAL] : Available Remote Recv Macs = hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
[LOCAL] : Selected Recv Mac = hmac-sha1
[LOCAL] : Available Remote Compressors = none
[LOCAL] : Selected Compressor = none
[LOCAL] : Available Remote Decompressors = none
[LOCAL] : Selected Decompressor = none
[LOCAL] : Changing state from STATE_EXPECT_KEX_INIT to STATE_KEY_EXCHANGE
[LOCAL] : SEND : KEXDH_GEX_REQUEST
[LOCAL] : RECV: TCP/IP close
[LOCAL] : Changing state from STATE_KEY_EXCHANGE to STATE_CLOSED
[LOCAL] : Connected for 0 seconds, 503 bytes sent, 363 bytes received


Debug from Router


SecureCRT login attempt

Nov 13 08:28:35.634: SSH0: starting SSH control process
Nov 13 08:28:35.634: SSH0: sent protocol version id SSH-2.0-Cisco-1.25
Nov 13 08:28:35.634: SSH0: protocol version id is - SSH-2.0-SecureCRT_6.1.0 (build 349) SecureCRT
Nov 13 08:28:35.634: SSH2 0: sendacket of length 344 (length also includes padlen of 5)
Nov 13 08:28:35.634: SSH2 0: SSH2_MSG_KEXINIT sent
Nov 13 08:28:35.634: SSH2 0: ssh_receive: 456 bytes received
Nov 13 08:28:35.634: SSH2 0: input: total packet length of 456 bytes
Nov 13 08:28:35.634: SSH2 0: partial packet length(block size)8 bytes,needed 448 bytes,
maclen 0
Nov 13 08:28:35.634: SSH2 0: input: padlength 11 bytes
Nov 13 08:28:35.634: SSH2 0: SSH2_MSG_KEXINIT received
Nov 13 08:28:35.638: SSH2:kex: client->server enc:aes256-cbc mac:hmac-sha1
Nov 13 08:28:35.638: SSH2:kex: server->client enc:aes256-cbc mac:hmac-sha1
Nov 13 08:28:35.638: SSH2 0: ssh_receive: 24 bytes received
Nov 13 08:28:35.638: SSH2 0: input: total packet length of 24 bytes
Nov 13 08:28:35.638: SSH2 0: partial packet length(block size)8 bytes,needed 16 bytes,
maclen 0
Nov 13 08:28:35.638: SSH2 0: input: padlength 6 bytes
Nov 13 08:28:35.638: SSH2 0: SSH2_MSG_KEX_DH_GEX_REQUEST received
Nov 13 08:28:35.638: SSH2 0: Range sent by client is - 1024 < 2046 < 2048
Nov 13 08:28:35.638: SSH2 0: Invalid modulus length
Nov 13 08:28:35.738: SSH0: Session disconnected - error 0x00
Reply With Quote
  #4  
Old 11-13-2008, 01:05 PM
kbarnette kbarnette is offline
VanDyke Technical Support
 
Join Date: Aug 2007
Posts: 585
Hi rosejim,

This issue has been resolved in SecureCRT 6.1.2, which can be downloaded here.

Is the issue you have described resolved in your environment after upgrading to SecureCRT 6.1.2?
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 11:46 AM.