That should be the exact procedure to follow when changing hostnames, even if on most devices there are no problems, the best is to follow this sequence
1. Zeroize the key 2. Change hostname 3. Generate a new key -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Jon Wolberg Sent: Monday, August 10, 2009 9:15 PM To: jf Cc: [email protected] Subject: Re: [c-nsp] SSH no longer functions after hostname change All- Using the exact order that JF listed below it worked perfect and resolved my issue. I can now SSH to this device again. Thanks. Jon Wolberg Systems Engineer Virtacore Systems Inc. "We Virtualize IT!" ----- Original Message ----- From: "jf" <[email protected]> To: "Jon Wolberg" <[email protected]> Cc: [email protected] Sent: Monday, August 10, 2009 12:42:00 PM GMT -05:00 US/Canada Eastern Subject: Re: [c-nsp] SSH no longer functions after hostname change We experienced this problem on a 3550 12g several years ago. We solved it by temporarily changing the configured hostname back, zeroing the key, changing the hostname again, and regenerating. Jon Wolberg wrote: > Hello- > > We recently changed some of our hostnames on various legacy switches to > follow our naming convention, and after one change I can no longer SSH to the > switch. > > I get the below errors on the console with debug ip ssh client running: > > Aug 10 11:23:44 EST: SSH5: sent protocol version id SSH-2.0-Cisco-1.25 > Aug 10 11:23:44 EST: SSH5: protocol version id is - SSH-2.0-OpenSSH_4.3 > Aug 10 11:23:44 EST: SSH2 5: RSA_sign: private key not found > Aug 10 11:23:44 EST: SSH2 5: signature creation failed, status -1 > Aug 10 11:23:44 EST: SSH5: Session disconnected - error 0x00 > > I zero'ized the old keys and re-generated as well as set the hostname back to > the original and zero'ized and re-generated to no avail. Nothing shows up on > Google and I can find no errata related to SSH access on the version of code > we are running. > > Has anyone encountered this before? This is a 3750 running 12.2(44)SE2 > > > Jon Wolberg > Systems Engineer > Virtacore Systems Inc. > "We Virtualize IT!" > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ************************************************************************************ This footnote confirms that this email message has been scanned by PineApp Mail-SeCure for the presence of malicious code, vandals & computer viruses. ************************************************************************************ __________ Information from ESET NOD32 Antivirus, version of virus signature database 4324 (20090811) __________ The message was checked by ESET NOD32 Antivirus. http://www.eset.com __________ Information from ESET NOD32 Antivirus, version of virus signature database 4324 (20090811) __________ The message was checked by ESET NOD32 Antivirus. http://www.eset.com ************************************************************************************ This footnote confirms that this email message has been scanned by PineApp Mail-SeCure for the presence of malicious code, vandals & computer viruses. ************************************************************************************ _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
