It could be several things. Improperly configured SSH server settings. An SSH bug in IOS. (there have been several as i recall) OR something i can't think of.
Something to put on your list of things to look into at a later time. Glad the that mystery is solved though. Best of luck! On 11/9/2012 9:51 AM, Richard McClary wrote: > Tried an assortment of PuTTY configurations, including SSH 1, different > encryption settings, etc. All returned the same message (looking at raw > captures) – encryption was successful, but authentication failed. > > Yes, finding either an old PuTTY, or another SSH client is possible. > > The main thing is, it is no longer a mystery. > > Thanks!- > > From: Kurt Buff [mailto:[email protected]] > Sent: Friday, November 09, 2012 11:34 AM > To: NT System Admin Issues > Subject: Re: SSH (PuTTY) session from Windows2008R2 > > OK - so not a Windows firewall issue. > > Does the Cisco allow ssh v1? If so, does using v1 work? > > As somebody else suggested, perhaps a newer or older version of putty might > work better. > > Kurt > > On Fri, Nov 9, 2012 at 8:33 AM, Richard McClary > <[email protected]<mailto:[email protected]>> wrote: > This is definitely a W2K8-to-Cisco situation. Again, as per my reply to Kim, > the Cisco stack is still running SSH 1.99. That SSH version seems to be the > cause. (Weird, though, because the same copy of PuTTY on an MS OS other than > W2K8) will log into the Cisco stack just fine. > > Jonathan asked about the login box. It is the Cisco login box, and it is > identical to what is seen when connecting from other OS. > > As to why connecting from Win2008 – well, we have a boss and (also) a network > guy in NJ. Home office is on Manhattan. Travel in that area is still rather > restricted. Network guy has only his assigned laptop and is trying to work > remotely… The Cisco switch is not allowing a connection from outside the > physical LAN (he is using Juniper Network Connect). So, having been told > that the switch will accept a connection from within the LAN, he needed a > machine from within our LAN. Again, not having a desktop system within the > LAN, and he being our principal AD administrator, attempted to do his Cisco > work through one of the Win2K8 (NOT a DC!) systems he works on. > > From: Ziots, Edward [mailto:[email protected]<mailto:[email protected]>] > Sent: Friday, November 09, 2012 10:12 AM > > To: NT System Admin Issues > Subject: RE: SSH (PuTTY) session from Windows2008R2 > > That wont do it. > > Have you set the putty.exe to run as administrator in the client properties? > > And definitely should be using SSH v2 and higher to manage your switches. I > just wonder why you are doing it from a Windows 2008 server? > > I put copied my putty.exe to a Windows 2008 R2 SP1 server and created a > session to my Backtrack 5 R3 box via SSH. > > Z > > Edward E. Ziots, CISSP, Security +, Network + > Security Engineer > Lifespan Organization > [email protected]<mailto:[email protected]> > > From: Kim Longenbaugh [mailto:[email protected]] > Sent: Friday, November 09, 2012 11:06 AM > > To: NT System Admin Issues > Subject: RE: SSH (PuTTY) session from Windows2008R2 > > Will the Windows client let you “telnet <ipaddress> 22” ? > > From: Richard McClary [mailto:[email protected]] > Sent: Friday, November 09, 2012 9:41 AM > To: NT System Admin Issues > Subject: SSH (PuTTY) session from Windows2008R2 > > Greetings! > > We use PuTTY for SSH sessions to manage various devices. An issue has > recently been discovered by us here… > > We have no problem logging in to our Cisco Catalyst 3750 switch stack via SSH > from machines running Windows XP, Windows 7, or Windows 2003. However, if we > are logged into a Windows 2008R2 system… > > Using PuTTY, we connect to the switch stack and get a login box. After > providing user name and password, we are denied access. > > Using telnet (MS version enabled in the “Features” page of Control > Panel/Applications), we can log in with no problem. > > My preliminary Google searches seem to indicate that although SSH clients and > servers are not a part of Windows 2008, it is supported. So far, nothing > regarding this inability to log in to other systems using SSH. Again, this > is weird as a telnet session from the same Windows 2008 machine gives access. > > Anyone??? Thanks!!! > -- > Richard D. McClary > Jr Infrastructure Architect, Information Technology Group > ASPCA® > 1717 S. Philo Rd, Ste 36 > Urbana, IL 61802 > [email protected]<mailto:[email protected]> > P: 217-337-9761<tel:217-337-9761> > C: 217-417-1182<tel:217-417-1182> > F: 217-337-9761<tel:217-337-9761> > www.aspca.org<http://www.aspca.org/> > > > > The information contained in this e-mail, and any attachments hereto, is from > The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and > is intended only for use by the addressee(s) named herein and may contain > legally privileged and/or confidential information. If you are not the > intended recipient of this e-mail, you are hereby notified that any > dissemination, distribution, copying or use of the contents of this e-mail, > and any attachments hereto, is strictly prohibited. If you have received this > e-mail in error, please immediately notify me by reply email and permanently > delete the original and any copy of this e-mail and any printout thereof. > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > [email protected]<mailto:[email protected]> > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > [email protected]<mailto:[email protected]> > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > [email protected]<mailto:[email protected]> > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > [email protected]<mailto:[email protected]> > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > [email protected]<mailto:[email protected]> > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
