18 February, 2014

Zombie SSH sessions

Was not able to SSH to my switch:
root@ubu:~# ssh -l admin 10.1.1.11 -s netconf
ssh: connect to host 10.1.1.11 port 22: Connection refused

Everything was working the day before and no changes had been made. Did some debugging and found:

DLS1#sh ssh
%No SSHv1 server connections running.
Connection Version Mode Encryption  Hmac         State                 Username
0          2.0     IN   aes256-cbc  hmac-sha1    Session started       admin
0          2.0     OUT  aes256-cbc  hmac-sha1    Session started       admin
1          2.0     IN   aes128-cbc  hmac-md5     Session started       admin
1          2.0     OUT  aes128-cbc  hmac-md5     Session started       admin
2          2.0     IN   aes128-cbc  hmac-md5     Session started       admin
2          2.0     OUT  aes128-cbc  hmac-md5     Session started       admin
3          2.0     IN   aes256-cbc  hmac-sha1    Session started       admin
3          2.0     OUT  aes256-cbc  hmac-sha1    Session started       admin
4          2.0     IN   aes128-cbc  hmac-md5     Session started       admin
4          2.0     OUT  aes128-cbc  hmac-md5     Session started       admin
5          2.0     IN   aes128-cbc  hmac-md5     Session started       admin
5          2.0     OUT  aes128-cbc  hmac-md5     Session started       admin
6          2.0     IN   aes128-cbc  hmac-md5     Session started       admin
6          2.0     OUT  aes128-cbc  hmac-md5     Session started       admin
7          2.0     IN   aes256-cbc  hmac-sha1    Session started       admin
7          2.0     OUT  aes256-cbc  hmac-sha1    Session started       admin
8          2.0     IN   aes128-cbc  hmac-md5     Session started       admin
8          2.0     OUT  aes128-cbc  hmac-md5     Session started       admin
9          2.0     IN   aes128-cbc  hmac-md5     Session started       admin
9          2.0     OUT  aes128-cbc  hmac-md5     Session started       admin
10         2.0     IN   aes256-cbc  hmac-sha1    Session started       admin
10         2.0     OUT  aes256-cbc  hmac-sha1    Session started       admin
11         2.0     IN   aes128-cbc  hmac-md5     Session started       admin
11         2.0     OUT  aes128-cbc  hmac-md5     Session started       admin
12         2.0     IN   aes256-cbc  hmac-sha1    Session started       admin
12         2.0     OUT  aes256-cbc  hmac-sha1    Session started       admin
13         2.0     IN   aes256-cbc  hmac-sha1    Session started       admin
13         2.0     OUT  aes256-cbc  hmac-sha1    Session started       admin
14         2.0     IN   aes128-cbc  hmac-md5     Session started       admin
14         2.0     OUT  aes128-cbc  hmac-md5     Session started       admin
15         2.0     IN   aes256-cbc  hmac-sha1    Session started       admin
15         2.0     OUT  aes256-cbc  hmac-sha1    Session started       admin
DLS1#who
    Line       User       Host(s)              Idle       Location
   2 vty 1     admin      idle                    5d16h 10.113.214.148
   3 vty 2     admin      idle                    6d17h 10.113.214.148
   5 vty 4     admin      idle                    5d00h 10.113.214.148
   6 vty 5     admin      idle                    5d21h 10.113.214.148
   7 vty 6     admin      idle                    5d19h 10.113.214.148
   9 vty 8     admin      idle                    4d22h 10.113.214.148
  10 vty 9     admin      idle                    4d17h 10.113.214.148
  11 vty 10    admin      idle                    3d16h 10.113.214.196
  12 vty 11    admin      idle                    4d00h 10.113.214.148
  13 vty 12    admin      idle                 20:13:53 10.113.214.196
  14 vty 13    admin      idle                 16:44:06 10.113.214.197
  15 vty 14    admin      idle                 18:37:16 10.113.214.148
* 16 vty 15    admin      idle                 00:01:48 10.113.214.196

Reason for the zombie sessions is exec-timeout 0 0 configured under line vty 0 15
Reconfigured exec-timeout and rebooting the switch cleared the hung sessions.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)