If all of the 12.1 T images behaved similarly, there may be
something strange with your environment. How are you doing the
user authentication? Tacacs, local user database? Is there
anything different with the way you are doing authentication for
telnet and ssh?
Try doing a 'debug ip ssh' on the router while performing an ssh
connection. This may show you if there is some problem during
ssh authentication.
Beyond this, I'd say you'll have to pursue this issue to conclusion
with TAC. If this is a critical issue, escalate with TAC and work
with them until its resolved. There may not be a quick fix.
Regards,
Kent
On 6 Apr 2001, at 11:40, Sean Young wrote:
> I've tried all the 12.1.(x)T images without success.
>
> Any more ideas?
>
>
> >From: "John Neiberger" <[EMAIL PROTECTED]>
> >Reply-To: "John Neiberger" <[EMAIL PROTECTED]>
> >To: [EMAIL PROTECTED]
> >Subject: Re: Implement Secure Shell (SSH) on Cisco 3640 router
> >Date: Fri, 06 Apr 2001 08:49:30 -0600
> >
> >Have you tried other IOS images? How did you even get 12.1(7)T? As
> >far as I can tell, 12.1(7) just came out and the latest T release
> >available on a 3600 is 12.1(5)T. Is downgrading back to 12.1(5)T an
> >option? Do you really even need the T release, or would 12.1(5) work
> >for you?
> >
> >It's possible that if you really are using a bleeding-edge IOS
> >release that you are running into a bug that they haven't
> >resolved--or really even started working on yet. If changing to
> >another image is an option, I'd try that to see if the behavior
> >changes.
> >
> > >>> "Howard C. Berkowitz" <[EMAIL PROTECTED]> 4/6/01 8:26:15 AM >>>
> > >Someone here must have an answer for this one. Cisco TAC has been
> > >absolutely NO HELP. I am sure that 600+ heads in this group,
> >together,
> > >can help me with this problem. I have to implement this thing
> >tomorrow
> > >evening. I am sure that I will get lot of calls from unhappy
> >customers
> > >about the latency issue.
> >
> >To what extent have you escalated this in the TAC? What is the
> >criticality designation of the problem report? To how many levels of
> >TAC management have you spoken?
> >
> >I don't think it will qualify for the highest level, because work can
> >still get done, just slowly. But it should be possible to escalate --
> >if for no other reason that it's been an open ticket for a while.
> >
> >Have you discussed it with your local Cisco office?
> >
> >
> > >PLEASE HELP.
> > >
> > >>From: "Sean Young" <[EMAIL PROTECTED]>
> > >>Reply-To: "Sean Young" <[EMAIL PROTECTED]>
> > >>To: [EMAIL PROTECTED]
> > >>Subject: Implement Secure Shell (SSH) on Cisco 3640 router
> > >>Date: Wed, 04 Apr 2001 21:41:29 -0400
> > >>
> > >>Hi everyone,
> > >>
> > >>I've posted this question last week but never got a satisfactory
> >response
> > >>so I will post it again; hopefully, I can get a better suggestion
> >this
> > >>time.
> > >>
> > >>I am running SSH on a Cisco 3640 router with IOS 12.1.7(T)
> > >>version. This router is used a an access server to control other
> > >>Cisco
> >devices.
> > >>Everything is working except it is painfully slow. At first, I
> >thought
> > >>it might network latency, so I take the router back to the lab,
> >connect
> > >>the access server FE interface with a cross-over cable to my
> > >>laptop
> >and
> > >>establish a SSH connection to the access server. The connection
> > >>is
> >still
> > >>VERY SLOW.
> >
> >Do sh ip interfaces on all affected interfaces under both
> >configuration options (SSH and non SSH). It would be wise to reboot
> >after the configuration change.
> >
> >Are the interface switching modes different?
> >
> >If SSH puts an interface in a slow switching mode, that could explain
> >the added latency. It doesn't necessarily fix it, but you then have
> >a place to look. If the switching mode does change, specifically ask
> >the TAC if there is an IOS level in which SSH will run in fast or
> >CEF.
> >
> > >> If I take off SSH and use telnet, it is very fast. However,
> > >>disabling SSH is NOT an option for me because this router will be
> > >>accessable via the Internet and the customer does not want to use
> > >>TELNET (username and password in clear text). They don't want any
> >other
> > >>option, just SSH. Oh, the router has 32MB Flash and 128MB RAM
> > >>which
> >I
> > >>think is plentiful. Its only purpose is to function as an
> >access-server,
> > >>nothing else. I still can not, for the life of me, figure out why
> >SSH
> > >>creates such a latency. I did both "show memory" and "show
> >process".
> > >>In both cases, SSH doesn't take much memory and cpu resources. I
> >give
> > >>the "show tech" to Cisco TAC and he has not found a solution for
> > >>it.
> >As
> > >>far as the SSH client is concern, I use either PUTTY or MINDTERM
> >which
> > >>is extremely slick and fast clients. They both work great when I
> >SSH
> > >>into Unix boxes.
> _________________________________________________________________ Get
> your FREE download of MSN Explorer at http://explorer.msn.com
> Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
