SRX Services Gateway
SRX Services Gateway

SSH doesn't work

‎07-20-2016 09:32 AM

Hi everybody.

 

Today I wanted implement ssh authentication ssh-rsa configuring my rsa-key. After that, ssh didn't work and I decided to rollback the config. After the rollbacl I'm not able to access to the firewal via ssh as before. I receive the message "Connection refused by remote host".This is my conf. Any suggestion?

 

set system services ssh root-login allow

[...]

set security address-book YOTI-OFFICE address YOTI-1 77.89.191.176/29
set security address-book YOTI-OFFICE address YOTI-2 80.169.112.24/29
set security address-book YOTI-OFFICE address-set ASET-YOTI-OFFICE address YOTI-1
set security address-book YOTI-OFFICE address-set ASET-YOTI-OFFICE address YOTI-2
set security address-book YOTI-OFFICE attach zone untrust
set security address-book global address LAN 172.16.0.0/24
set security address-book global address RASPI 172.16.0.2/32

[...]

set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit

[...]

set security zones security-zone untrust host-inbound-traffic system-services ssh
set security zones security-zone untrust interfaces at-1/0/0.0 host-inbound-traffic system-services ssh

 

2 REPLIES 2
Highlighted
SRX Services Gateway

Re: SSH doesn't work

‎07-20-2016 09:10 PM

Can you try regenerating the SSH keys.

 

 

At shell prompt enter the following commands:


user@switch%ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
user@switch%ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

 

Ref: https://kb.juniper.net/InfoCenter/index?page=content&id=KB24078&actp=search

 

Thanks,
Suraj
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too
Highlighted
SRX Services Gateway

Re: SSH doesn't work

‎07-21-2016 02:29 AM

Still no luck

 

federico@federico:~$ ssh federicolivieri.noip.me
ssh_exchange_identification: Connection closed by remote host

 

 

login {
user federico {
full-name "Federico Olivieri";
uid 2003;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAB9TZ/O3Akzb78CY8ExihPJkW6oWsihL30VS1B1ZY6bMiytRnn4Exn58Y1NbxwjMzKae3Ybn1IdLusJFPriDza8w2280nWSWdGVG/7gMNKxMFn0GAGyg5ciN5PfDsBEALZyjM5l1KRCe8NibVypnt4sY6oFonOapzzcWiLAujw/xs++dGUXtCoRegHSZaH5KmSds8vLEdP/045O3ScFKWz2K2vwbQ1kL3gV5GQOR0TG5JLf08eYUDUaIH7JXggP6yLKi1c500mUm5E/yeXyZSjScC0d0th3IFCIuKumG7sg9DKLirxYUdJfd4P061v9Z/Hgdyiniqrgm7TGrPpVHFjDFV02XxGkPHsFWF6wzp433g7ELciz7TdkRXdSe+5Ab56tWisUCZvQusVc6bKQz2VedW5JgS9JTLRA/fGjszf8rqhtsGDnTS6Pqlazny6MXpKnwwr5sNDskfrQI9gmusHWLxW8QSfNDidYoNvhhvsk0sBDFVwe+JmLAqXhWZsBI6cEhC/RLfgt1WXtWagGTZ7U0zOztUTwmNg5ZzznqEnRMWeOsYBabj+5MNUK/cGMW0i1jHMqnoOHGfutrWkdNZE08xpx3hvrDJEZFpuccji1igKpneja7k+dFk7o8TFoKD5tFkqQtXlWwkarG7eKUKdYL2+EBCmbw== federico@federico"; ## SECRET-DATA

Feedback