[c-nsp] SSH no longer functions after hostname change

Tony Underwood tony at cambiumdata.com
Mon Aug 10 19:25:48 EDT 2009


I know you have to have a hostname configured to generate a key on the box, so it's obviously using the hostname at some level in the key.
Whenever I change a hostname I've experienced the same result, but regenerating the key always fixes the problem.  "crypto key gen rsa" as someone mentioned earlier.

Tony Underwood
Cambium Data Inc.
5050 So. 111th St.
Omaha, NE 68137
(402) 514-3201
(402) 960-3107 - C
http://www.CambiumData.com




-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jon Wolberg
Sent: Monday, August 10, 2009 2:56 PM
To: Eninja
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] SSH no longer functions after hostname change

Hello-

Nothing, they are all identical switches running the same IOS.


Jon Wolberg
Systems Engineer
Virtacore Systems Inc.
"We Virtualize IT!" 


----- Original Message -----
From: "Eninja" <eninja at gmail.com>
To: "Jon Wolberg" <jon at defenderhosting.com>
Cc: "Paul Stewart" <paul at paulstewart.org>, cisco-nsp at puck.nether.net, "Eninja" <eninja at gmail.com>
Sent: Monday, August 10, 2009 3:49:35 PM GMT -05:00 US/Canada Eastern
Subject: Re: [c-nsp] SSH no longer functions after hostname change

Jon,

What is different with respect to software version, SSH config &  
platform between this swtich and the dozen others that (could be  
seeing a similar problem but) aren't?

-Eninja



On Aug 10, 2009, at 6:19 PM, Jon Wolberg <jon at defenderhosting.com>  
wrote:

> Hi Paul-
>
> The funny thing is this is the only switch causing problems.  We  
> changed the hostnames on over a dozen others without any issues.
>
> I tried re-generating the keys to no avail.
>
>
> Jon Wolberg
> Systems Engineer
> Virtacore Systems Inc.
> "We Virtualize IT!"
>
>
> ----- Original Message -----
> From: "Paul Stewart" <paul at paulstewart.org>
> To: "Jon Wolberg" <jon at defenderhosting.com>, cisco-nsp at puck.nether.net
> Sent: Monday, August 10, 2009 12:17:14 PM GMT -05:00 US/Canada Eastern
> Subject: RE: [c-nsp] SSH no longer functions after hostname change
>
> Normally all we do is a "crypto key gen rsa" if a hostname changes  
> and we
> continue on... this regens the keys and stops/starts the SSH  
> process....
>
> Paul
>
>
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jon Wolberg
> Sent: Monday, August 10, 2009 11:53 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] SSH no longer functions after hostname change
>
> Hello-
>
> We recently changed some of our hostnames on various legacy switches  
> to
> follow our naming convention, and after one change I can no longer  
> SSH to
> the switch.
>
> I get the below errors on the console with debug ip ssh client  
> running:
>
> Aug 10 11:23:44 EST: SSH5: sent protocol version id SSH-2.0-Cisco-1.25
> Aug 10 11:23:44 EST: SSH5: protocol version id is - SSH-2.0- 
> OpenSSH_4.3
> Aug 10 11:23:44 EST: SSH2 5: RSA_sign: private key not found
> Aug 10 11:23:44 EST: SSH2 5: signature creation failed, status -1
> Aug 10 11:23:44 EST: SSH5: Session disconnected - error 0x00
>
> I zero'ized the old keys and re-generated as well as set the  
> hostname back
> to the original and zero'ized and re-generated to no avail.  Nothing  
> shows
> up on Google and I can find no errata related to SSH access on the  
> version
> of code we are running.
>
> Has anyone encountered this before? This is a 3750 running 12.2(44)SE2
>
>
> Jon Wolberg
> Systems Engineer
> Virtacore Systems Inc.
> "We Virtualize IT!"
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list