[f-nsp] SSH or Telnet from mlx to mlx

Darren O'Connor darrenoc at outlook.com
Wed Feb 12 04:53:46 EST 2014 

I've never been able to SSH from a Brocade XMR.

As an example. I have an SRX enabled for SSH on the port connected to a switch and then the Brocade. If I try to SSH from the Cisco switch, I can log right in. If I try to login via the Brocade, it refuses to work:

SSH at xxxxxx#ssh 10.21.0.180
User name:darreno
Password:
Connecting to remote host......

Connection Closed


Checking the SRX log, I see the following:

*** messages ***
Feb 12 17:43:59  cfxx-xxxxx.xxx sshd[2416]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0 [preauth]
Feb 12 17:43:59  cfxx-xxxxx.xxx sshd[2416]: fatal: buffer_get_int: buffer error [preauth]


When I SSH in from the switch (same subnet) I log right in with no such message.


Telnet does work though.

I'm currently running 5.4E and keen to get this fixed.


Thanks
Darren
http://www.mellowd.co.uk/ccie



> Date: Tue, 11 Feb 2014 10:12:33 -0700
> From: esk-puck.nether.net at esk.cs.usu.edu
> To: foundry-nsp at puck.nether.net
> Subject: Re: [f-nsp] SSH or Telnet from mlx to mlx
> 
> Apparently I sent this from the wrong address for the list server to
> accept it.
> 
> Tias,
> 
> Are you able to connect at all?  Does it get to the point of asking for
> a password?  Or is it just behaving differently than you expect after
> you log in?
> 
> 
> If you are unable to connect at all, is it possible the router is using
> a different source address than you expect?  You can fix this with:
>   ip ssh source-interface <interface>
> or
>   ip telnet source-interface <interface>
> (I think the default is the address of the interface the traffic will be
> sent out of.)
> 
> 
> Are you using an ACL for ssh/telnet access?  Look for:
>   ssh access-group <acl>
> or
>   telnet access-group <acl>
> 
> 
> Also check for statements like:
>   ip ssh client <address>
> Which have a similar functionality to the ACLs.
> 
> 
> Do ssh/telnet work from other locations?
> 
> 
> -- 
> Eldon Koyle
> 
> 
> On  Feb 11 16:44+0100, Mathias Wolkert wrote:
> > Anything special about this?
> > Does not seem to work as expected. But I may be wrong. 
> > 
> > /Tias
> > _______________________________________________
> > foundry-nsp mailing list
> > foundry-nsp at puck.nether.net
> > http://puck.nether.net/mailman/listinfo/foundry-nsp
> > 
> 
> -- 
> Eldon Koyle
> -- 
> BOFH excuse #42:
> spaghetti cable cause packet failure
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20140212/d0ec89fd/attachment.html>

More information about the foundry-nsp mailing list