Can’t SSH into ASA?
Something strange happened today when I went to SSH into my ASA cluster.
Upon running ssh I got this error message:
ssh_exchange_identification: Connection closed by remote host
I started Google searching for information on this error message and found some people writing that the error could be resolved by making some changes on the client. If you view the log on the ASA, you will see a error message that states:
Fail to establish SSH session because RSA host key retrieval failed.
This indicates that the problem is not with the client at all. Rather, the problem is with the server end, in this case, the ASA. The issues is that the ASA does not have a RSA host key.
Resolve this issue by running these commands below in the CLI. Remember that you can still run CLI commands from the ASDM. Launch the ASDM. Click on Tools. Click on Command Line Interface. Click on Multiple Line.
Commands to run:
conf t crypto key generate rsa modulus 2048 wr mem
Now you should be able to log in just fine.
See this link for more information on SSH configuration on the ASA:
aaa said,
March 25, 2011 at 2:21 am
thank for tip, useful
Highspade said,
June 8, 2011 at 12:18 pm
Thanks! worked like a charm.
EJ said,
July 28, 2011 at 8:40 pm
I have also seen this as a bug with failover pairs running 8.2(3). One will take SSH, but the other won’t until reloaded and even then after a while the same problem creeps back in. moving up further or reverting to 8.2(2) will address this issue.
Jamie Jamison said,
July 29, 2011 at 9:20 pm
This worked great. Thanks.