Spending my time…
Trying to limit login from certain hosts include Cisco routers (OS Version Image : c7200-jk9o3s-mz.123-13.bin”) on a Juniper. The connection allowed is ssh.
Allowing cisco routers doesn’t seem to give a remote login successfully connected.
Cisco#ssh -l boss 192.168.1.145 [connection error:0]
Got this SSH log error on Juniper show log message tailed :
Sep 1 10:21:47 JunOS-GW sshd[38925]: Did not receive identification string from 192.168.1.146
Sep 1 10:21:47 JunOS-GW inetd[2541]: /usr/sbin/sshd[38925]: exit status 0xff00
Sep 1 10:22:15 JunOS-GW sshd[38926]: Did not receive identification string from 192.168.1.146
Sep 1 10:22:15 JunOS-GW inetd[2541]: /usr/sbin/sshd[38926]: exit status 0xff00
Sep 1 10:22:18 JunOS-GW sshd[38927]: Did not receive identification string from 192.168.1.146
Sep 1 10:22:18 JunOS-GW inetd[2541]: /usr/sbin/sshd[38927]: exit status 0xff00
Sep 1 10:22:23 JunOS-GW sshd[38928]: Did not receive identification string from 192.168.1.146
Sep 1 10:22:23 JunOS-GW inetd[2541]: /usr/sbin/sshd[38928]: exit status 0xff00
Sep 1 10:35:52 JunOS-GW sshd[39135]: Did not receive identification string from 192.168.1.146
Sep 1 10:35:52 JunOS-GW inetd[2541]: /usr/sbin/sshd[39135]: exit status 0xff00
Sep 1 10:36:03 JunOS-GW sshd[39136]: Did not receive identification string from 192.168.1.146
Sep 1 10:36:03 JunOS-GW inetd[2541]: /usr/sbin/sshd[39136]: exit status 0xff00
Sep 1 10:36:04 JunOS-GW sshd[39137]: Did not receive identification string from 192.168.1.146
Sep 1 10:36:04 JunOS-GW inetd[2541]: /usr/sbin/sshd[39137]: exit status 0xff00
Sep 1 10:36:05 JunOS-GW sshd[39138]: Did not receive identification string from 192.168.1.146
Sep 1 10:36:05 JunOS-GW inetd[2541]: /usr/sbin/sshd[39138]: exit status 0xff00
The symptom : Your outbound SSH on Cisco Router is version 1, while your juniper by default is version 2. Please add/enable ssh protocol-version 2 (v2) as well.. on your Juniper.
You@JunOS-GW# show
ssh {
root-login deny;
protocol-version [ v2 v1 ];
connection-limit 10;
}
[edit system services]
you@JunOS#set system services ssh protocol-version v1
you@JunOS#set system services ssh protocol-version v2
you@JunOS#set system services ssh protocol-version v1 v2 (nope sure this one :)) try it)
Then commit ! [Thanks to Ang Kah from Bangky.Net for Inspiring]
a. rahman isnaini r.sutan