Hi folks,
Have many people experimented with the ssh server support of IOS
12.1(3)T or thereabouts? I pulled down that IOS today to fix a
problem we were having on a 7206 (when I upgraded to 12.0(7)T, one --
but ONLY one -- PA-FE-TX was having extreme problems talking with its
Catalyst downlink. Swapping PA's didn't help, but upgrading again to
various 12.1s fixed it. Hmm...)
But anyways...
I noticed 12.1(1)T+ had ssh server support, and was very interested
in trying it out. So far, I've had three problems with the 12.1(3a)T3
build I tried:
- Latency of about 2-3 seconds before keypresses will be echoed back to
you -- but response (e.g. "show ver") is instantaneous and quick.
- When enabling ssh, it didn't like the syntax of just "ip ssh"; but
forcing it with "ip ssh authentication-retries 3" worked.
- I couldn't disable it with any "no ip ssh [...]" commands that I tried;
both with the above options and without. I had to fall back to my
saved startup-config with a reload of the router. Should I have
been trying to disable crypto key rsa stuff instead of the ssh stuff?
This is all on a 7206VXR, NPE-300, and as I say, IOS 12.1(3a)T3. This
router isn't quite in full production yet, so it's passing hardly any
traffic. I can't figure out what might be causing the slowness. I was
using local username lists for the AAA part, so even though it doesn't
seem like external authentication would affect keypress latency, it was
all being handled internally anyways.
Any ideas, or should I bug the TAC for anything they have on file? A
quick search on CCO didn't turn up much of interest.
Thanks for any feedback,
-Dave
-- Dave Spencer KF6PKU "If USENET is anarchy, IRC is a paranoid dspencer@forlorn.net schizophrenic after 6 days on speed." http://www.forlorn.net/~dspencer/ - Saundo, in the monastery.
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:22 EDT