Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. nsp>
  3. foundry
SSH or Telnet from mlx to mlx
tias at netnod
Feb 11, 2014, 7:44 AM
Post #1 of 4 (1793 views)
Permalink
Anything special about this?
Does not seem to work as expected. But I may be wrong.

/Tias
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp
Re: SSH or Telnet from mlx to mlx [ In reply to ]
niels=foundry-nsp at bakker
Feb 11, 2014, 8:17 AM
Post #2 of 4 (1767 views)
Permalink
* tias@netnod.se (Mathias Wolkert) [Tue 11 Feb 2014, 16:45 CET]:
>Anything special about this?
>Does not seem to work as expected. But I may be wrong.

Any access list in the way? Have you configured your terminal with
the right backspace character?


-- Niels.

--
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp
Re: SSH or Telnet from mlx to mlx [ In reply to ]
esk-puck.nether.net at esk
Feb 11, 2014, 9:12 AM
Post #3 of 4 (1766 views)
Permalink
Apparently I sent this from the wrong address for the list server to
accept it.

Tias,

Are you able to connect at all? Does it get to the point of asking for
a password? Or is it just behaving differently than you expect after
you log in?


If you are unable to connect at all, is it possible the router is using
a different source address than you expect? You can fix this with:
ip ssh source-interface <interface>
or
ip telnet source-interface <interface>
(I think the default is the address of the interface the traffic will be
sent out of.)


Are you using an ACL for ssh/telnet access? Look for:
ssh access-group <acl>
or
telnet access-group <acl>


Also check for statements like:
ip ssh client <address>
Which have a similar functionality to the ACLs.


Do ssh/telnet work from other locations?


--
Eldon Koyle


On Feb 11 16:44+0100, Mathias Wolkert wrote:
> Anything special about this?
> Does not seem to work as expected. But I may be wrong.
>
> /Tias
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp
>

--
Eldon Koyle
--
BOFH excuse #42:
spaghetti cable cause packet failure
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp
Re: SSH or Telnet from mlx to mlx [ In reply to ]
darrenoc at outlook
Feb 12, 2014, 1:53 AM
Post #4 of 4 (1831 views)
Permalink
I've never been able to SSH from a Brocade XMR.

As an example. I have an SRX enabled for SSH on the port connected to a switch and then the Brocade. If I try to SSH from the Cisco switch, I can log right in. If I try to login via the Brocade, it refuses to work:

SSH@xxxxxx#ssh 10.21.0.180
User name:darreno
Password:
Connecting to remote host......

Connection Closed


Checking the SRX log, I see the following:

*** messages ***
Feb 12 17:43:59 cfxx-xxxxx.xxx sshd[2416]: error: buffer_get_ret: trying to get more bytes 4 than in buffer 0 [preauth]
Feb 12 17:43:59 cfxx-xxxxx.xxx sshd[2416]: fatal: buffer_get_int: buffer error [preauth]


When I SSH in from the switch (same subnet) I log right in with no such message.


Telnet does work though.

I'm currently running 5.4E and keen to get this fixed.


Thanks
Darren
http://www.mellowd.co.uk/ccie



> Date: Tue, 11 Feb 2014 10:12:33 -0700
> From: esk-puck.nether.net@esk.cs.usu.edu
> To: foundry-nsp@puck.nether.net
> Subject: Re: [f-nsp] SSH or Telnet from mlx to mlx
>
> Apparently I sent this from the wrong address for the list server to
> accept it.
>
> Tias,
>
> Are you able to connect at all? Does it get to the point of asking for
> a password? Or is it just behaving differently than you expect after
> you log in?
>
>
> If you are unable to connect at all, is it possible the router is using
> a different source address than you expect? You can fix this with:
> ip ssh source-interface <interface>
> or
> ip telnet source-interface <interface>
> (I think the default is the address of the interface the traffic will be
> sent out of.)
>
>
> Are you using an ACL for ssh/telnet access? Look for:
> ssh access-group <acl>
> or
> telnet access-group <acl>
>
>
> Also check for statements like:
> ip ssh client <address>
> Which have a similar functionality to the ACLs.
>
>
> Do ssh/telnet work from other locations?
>
>
> --
> Eldon Koyle
>
>
> On Feb 11 16:44+0100, Mathias Wolkert wrote:
> > Anything special about this?
> > Does not seem to work as expected. But I may be wrong.
> >
> > /Tias
> > _______________________________________________
> > foundry-nsp mailing list
> > foundry-nsp@puck.nether.net
> > http://puck.nether.net/mailman/listinfo/foundry-nsp
> >
>
> --
> Eldon Koyle
> --
> BOFH excuse #42:
> spaghetti cable cause packet failure
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal