ssh_exchange_identification: Connection closed by remote host
At first we suspected an issue with ~/.ssh/known_hosts file. (on Solaris). Removing the entry for the PIX in the known_hosts file and even removing the file itself did not fix the issue.
Or if you are using some Linux distribution under, /etc/hosts.allow and /etc/hosts.deny.
We checked these and this didn't resolve the issue.
Recalled having a similar issue around a year ago and it was to do with the RSA key on the PIX itself.
If you do the following on the PIX:
show ca mypubkey rsa
This will display the rsa key. We found that there was only one key that was a, General Purpose Key.
There should be one listed as an Encryption Key.
To correct this we did the following:
ca zeroize rsa
ca generate rsa key 1024
ca save all
The "ca zeorize rsa" deletes all RSA keys generated on the PIX.
We then used the second command to generate a new RSA key with size of 1024 and then saved the configuration.
Attempted to ssh to the PIX and bingo!
No comments:
Post a Comment