[j-nsp] SSH Server

Stacy W. Smith stacy at acm.org
Wed May 25 10:35:54 EDT 2005


The international/worldwide j-series software bundle includes SSH with 
single DES crypto support only. This means that you don't get any 
errors when committing a config that enables SSH. Unfortunately, most 
SSH clients no longer support single DES and therefore are unable to 
connect. I suspect this is the issue.

--Stacy

On 25 May 2005, at 01:44, Felix Schueren wrote:

> Giuliano,
>
> you do have the "domestic" version of JUNOS installed? The
> "international" version (which is on all non-US-Junipers by default)
> does not come with the "jcrypto"-package and thus cannot do ssh. On the
> M-Series I do get errors about missing sshd binaries when commiting
> anything ssh-related running the international junos version.
>
> does "show version brief" give a line like
> JUNOS Crypto Software Suite [7.2R1.7]? If not, that's your problem 
> then.
>
> regards,
>
> Felix
>
> Giuliano Cardozo Medalha wrote:
>> Craig,
>>
>> When I try to use putty client or SSH.com client both answer to me:
>>
>> Authentication Error ... Connection Closed by remote host.
>>
>> Its necessary to config the user with special things like ssh-dsa
>> "public-key" ???
>>
>> Junos does not have to generate DSA (for version 2) public key ?
>>
>> Thanks a lot
>>
>> Giuliano
>>
>>
>>
>>
>>
>>> When you typed this below, you committed the
>>> configuration after right?  What error are you
>>> receiving?  Are there any filters on the interfaces?
>>>
>>> You shouldn't _need_ to generate keys to access
>>> the router using ssh client.  BTW, the default
>>> protocol version should be ssh v2 and unless you
>>> configure v1 you must use v2 to connect.
>>>
>>> Connecting from garnet to R1 with basic config is
>>> a success:
>>>
>>> ---snip---
>>>
>>> craigp at R1> show configuration system services
>>> ftp;
>>> ssh;
>>> telnet;
>>>
>>> craigp at R1> monitor start messages
>>>
>>> craigp at R1>
>>> *** messages ***
>>> May 24 18:45:36  R1 sshd[3008]: Accepted password for craigp from
>>> 172.17.28.17 port 2482 ssh2
>>>
>>> ---snip---
>>>
>>> ---snip---
>>>
>>> craigp at garnet> ssh tp1
>>> craigp at tp1-fxp0.englab.juniper.net's password:
>>> --- JUNOS 7.0R2.7 built 2005-01-06 06:58:15 UTC
>>>
>>> craigp at R1>
>>>
>>> ---snip---
>>>
>>> regards
>>> -Craig
>>>
>>> On May 24, 2005, at 7:10 PM, Giuliano Cardozo Medalha wrote:
>>>
>>>
>>>> People,
>>>>
>>>> We have a J2300 with Junos-Jseries-7.2.
>>>>
>>>> How is possible to configure SSH system service.
>>>>
>>>> I have tried:
>>>>
>>>> router#set system services ssh protocol-version v2
>>>>
>>>> but ... when I try to autenticate with a SSH client ... it said to 
>>>> me
>>>> that is not possible to do.
>>>>
>>>> It is necessary to generate RSA and DSA public keys ?
>>>>
>>>> Thanks a lot
>>>>
>>>> Giuliano
>>>> _______________________________________________
>>>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>>>> http://puck.nether.net/mailman/listinfo/juniper-nsp
>>>>
>>>
>>
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> http://puck.nether.net/mailman/listinfo/juniper-nsp
>>
>
>
> -- 
> Felix Schueren, Head of NOC
>
> mailto:felix.schueren at hosteurope.de
>
> Host Europe GmbH - http://www.hosteurope.de
> Hansestrasse 109 - D-51149 Koeln - Germany
> Telefon (0800) 4678387 - Telefax (01805) 663233
> HRB 28495 Amtsgericht Koeln - UST ID DE187370678
> Geschaeftsfuehrer U. Braun - M. Read - S. Porter
>
> Für diese Nachricht gilt: http://www.hosteurope.de/disclaimer.html
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>




More information about the juniper-nsp mailing list