Switching

last person joined: 3 days ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
  • 1.  ssh_exchange_identification in junos

    Posted 07-29-2011 00:07

    hi all,

     

    when  i am trying to get the ssh of the ex 3200 switch running version 10.4r 3.4. i am getting this error.

     

    ssh_exchange_identification: Connection closed by remote host

     

    i have also tried to clean the memorty storage with run request system storage cleanup.

     

    plz suggest.

     

    Regards,

    Dilmani

     



  • 2.  RE: ssh_exchange_identification in junos

    Posted 07-29-2011 00:54

    Hello,

    There could be several reasons for this behaviour

    http://edoceo.com/notabene/ssh-exchange-identification

    As for JUNOS-specific tips, you could try to disable SSH, remove the keys, and re-enable SSH again which should get you a fresh set of keys

     

    root@host# delete system services ssh
    root@host# delete system services netconf ssh    ## if you have netconf
    root@host# delete system services outbound-ssh ## if you have outbound-ssh
    root@host# commit
    root@host# run file delete /etc/ssh/*
    root@host# set system services ssh
    root@host# set system services netconf ssh     ## if you need it
    root@host# set system services outbound-ssh ## if you need it
    root@host# commit

    HTH

    Rgds

    Alex



  • 3.  RE: ssh_exchange_identification in junos

    Posted 07-29-2011 01:02

    tried all the commands, but problem still remain the same



  • 4.  RE: ssh_exchange_identification in junos

    Posted 07-30-2011 01:27

    Are you using a domestic JUNOS firmware?

     

    Non domestic firmwares are not allowed to use strong encryption as per US law.

     

    This usually breaks ssh for most ssh clients.

     

    Regards,

     

    Matthias



  • 5.  RE: ssh_exchange_identification in junos

    Posted 07-30-2011 06:03

    Hello,

    There is no export JUNOS version for EX.

    And export JUNOS version does not contain SSH at all and does not allow to enable SSH under [system services].

    HTH

    Rgds

    Alex



  • 6.  RE: ssh_exchange_identification in junos

    Posted 08-01-2011 03:50

    yes i am using domesting version

     

    jinstall-ex-3200-10.4R3.4-domestic-signed.tgz



  • 7.  RE: ssh_exchange_identification in junos

    Posted 08-02-2011 22:42

    Hi,

     

    if it is possible for you to completely reflash the image, maybe that could help.

     

    Also can you try to connect to the switch from a linux machine, from which you have not yet logged into the switch by using ssh -v $HOSTNAME_OR_IP and post the output of that?

     

    Regards,

     

    Matthias



  • 8.  RE: ssh_exchange_identification in junos
    Best Answer

    Posted 08-04-2011 22:09

    hey guys i found  the solution to dis issue, so like to share it wid all the junos suffering people :

     

    Problem description:

     

    Unable to take ssh

    ssh_exchange_identification: Connection closed by remote host.

     

    This can happen due some corrupted files to fix this issue please find the procedure bellow for the EX3200

     

     

    Step1 check the files are present in the directory by login in to the switch and you should be in the shell

     

    root@SUNNY:RE:0% ls /etc/ssh/ssh*

    /etc/ssh/ssh_host_dsa_key       /etc/ssh/ssh_host_rsa_key

    /etc/ssh/ssh_host_dsa_key.pub   /etc/ssh/ssh_host_rsa_key.pub

    /etc/ssh/ssh_host_key           /etc/ssh/ssh_known_hosts

    /etc/ssh/ssh_host_key.pub

     

    root@SUNNY:RE:0% ls /config/ssh*

    /config/ssh_host_dsa_key        /config/ssh_host_key

    /config/ssh_host_dsa_key.pub    /config/ssh_host_key.pub

    /config/ssh_host_ecdsa_key      /config/ssh_host_rsa_key

    /config/ssh_host_ecdsa_key.pub  /config/ssh_host_rsa_key.pub

     

     

     

     

    Step 2 Make two directory under the /etc/ by following  command

     

    root@SUNNY:RE:0% cd /etc

    root@SUNNY:RE:0% mkdir test1

    root@SUNNY:RE:0% mkdir test2

    root@SUNNY:RE:0% ls ----- by issuing this command you will be able to see the directory test under /etc

     

    fbtab                   newsyslog.conf.sys      sshd_netconf

    fstab                   notices                 stunnel.conf

    ftpusers                pam.conf                syslog.conf

    gettytab                pam.conf.sys            termcap

    group                   passwd                  termcap.small

    group.sys               profile                 test1

    test2

     

    step3 copy the files under /etc/ssh/ssh* to the directory test1 and also copy /config/ssh* to directory test2

     

    root@SUNNY:RE:0% cp /etc/ssh/ssh* /etc/test1

    root@SUNNY:RE:0% cp /config/ssh* /etc/test2

    root@SUNNY:RE:0% ls /etc/test1

    root@SUNNY:RE:0% ls /etc/test2

     

    Step4 then you have to create a directory under the /var/

    root@SUNNY:RE:0% cd /var/

    root@SUNNY:RE:0% mkdir empty

     

    then you have to give reboot

     

     

    The troubleshooting steps taken for the CORE-switch.

     

       The fingerprint for the RSA key sent by the remote host is

    7b:3e:b5:4f:15:3a:38:d1:0e:66:9f:aa:87:af:40:ba.

    Please contact your system administrator.

    Add correct host key in /root/.ssh/known_hosts to get rid of this message.

    Offending key in /root/.ssh/known_hosts:9

    RSA host key for 10.21.78.170 has changed and you have requested strict checking.

    Host key verification failed.

     

    For the above error message

     

    root@SUNNY:RE:0% cd /root/.ssh/

    root@SUNNY:RE:0% rm known_hostes

     

    Then you will be able to relogin through the ssh connection.

     

    Regards,

     

    Dil



  • 9.  RE: ssh_exchange_identification in junos

    Posted 09-29-2015 13:35

    swtich>start shell

    % su 

    Password:

    root@switch:RE:0% mkdir /var/empty

     

    After that it should work

    Good luck