Networking General

Last reply by 10-18-2021 Solved
Start a Discussion
3 Argentum

Dell n-Series firmware 6.7.x allow ssh login

somehow i don't get the ssh login working.

 

what i did in the CLI:

command cli:

#username dell password admin123 privilege 15 encrypted

#username admin password admin123 privilege 15 encrypted

#no ip ssh server

#crypto key zeroize dsa

#crypto key zeroize ecdsa

Error: Failed to remove key.

#crypto key zeroize rsa

#crypto key zeroize pubkey-chain ssh

#crypto key generate dsa

DSA key generation started, this may take a few minutes.....
DSA key generation complete.

#crypto key generate rsa

RSA key generation started, this may take a few minutes.....
RSA key generation complete.

#ip ssh server

#crypto certificate 1 generate

#key-generate

#exit

Certificate Generation Successful..

#ip http secure-server

 

i can access the ssh server on the vlan interface ip but cant successfully login/same for https server.

 

the logging is showing this:

<189> Oct 18 13:19:25 switch1-1 TRAPMGR[trapTask]: traputil.c(753) 418 %% NOTE An invalid user tried to login through Web from 10.49.72.57
<189> Oct 18 13:19:25 switch1-1 TRAPMGR[emWeb]: traputil.c(795) 417 %% NOTE HTTPS session : Login to the switch is not successful, User ID: dell Source IP: 10.49.72.57 Local port: 443
<190> Oct 18 13:19:25 switch1-1 USER_MGR[emWeb]: user_mgr.c(2037) 416 %% INFO HTTPS session : User dell couldn't login to the switch due to unsuccessful authentication, source IP: 10.49.72.57 Local Port: 443
<189> Oct 18 13:19:09 switch1-1 TRAPMGR[trapTask]: traputil.c(753) 412 %% NOTE An invalid user tried to login through Web from 10.49.72.57
<189> Oct 18 13:19:09 switch1-1 TRAPMGR[emWeb]: traputil.c(795) 411 %% NOTE HTTPS session : Login to the switch is not successful, User ID: admin Source IP: 10.49.72.57 Local port: 443
<190> Oct 18 13:19:09 switch1-1 USER_MGR[emWeb]: user_mgr.c(2037) 410 %% INFO HTTPS session : User admin couldn't login to the switch due to unsuccessful authentication, source IP: 10.49.72.57 Local Port: 443
<189> Oct 18 13:18:44 switch1-1 TRAPMGR[tRpcsrv.01001]: traputil.c(795) 409 %% NOTE SSH session : Login to the switch is not successful, User ID: admin Source IP: 10.49.72.57 Local port: 22
<190> Oct 18 13:18:44 switch1-1 USER_MGR[tRpcsrv.01001]: user_mgr.c(2037) 408 %% INFO SSH session : User admin couldn't login to the switch due to unsuccessful authentication, source IP: 10.49.72.57 Local Port: 22
<189> Oct 18 13:18:41 switch1-1 TRAPMGR[tRpcsrv.01001]: traputil.c(795) 407 %% NOTE SSH session : Login to the switch is not successful, User ID: admin Source IP: 10.49.72.57 Local port: 22
<190> Oct 18 13:18:41 switch1-1 USER_MGR[tRpcsrv.01001]: user_mgr.c(2037) 406 %% INFO SSH session : User admin couldn't login to the switch due to unsuccessful authentication, source IP: 10.49.72.57 Local Port: 22
<190> Oct 18 13:18:19 switch1-1 SSLT[ssltTask]: sslt_control.c(1424) 405 %% INFO SSLT Application is now ready to use.
<190> Oct 18 13:18:19 switch1-1 SSLT[ssltTask]: sslt_util.c(724) 404 %% INFO SSLT: Successfully loaded all required SSL PEM files
<189> Oct 18 13:18:19 switch1-1 SSLT[ssltTask]: sslt_control.c(380) 403 %% NOTE Generation and/or reading of the DH parameters and certificate generation started and it will take some time. Request to wait until the application is ready to use.
<190> Oct 18 13:18:17 switch1-1 REDIRECT[redirectTask]: redirect_ctrl.c(660) 401 %% INFO Successfully loaded all required SSL PEM files; SSL Context initialization done.
<190> Oct 18 13:18:17 switch1-1 REDIRECT[redirectTask]: redirect_ctrl.c(657) 400 %% INFO Initialized Diffie-Hellman Parameters for Redirect Secure Server using dh512.pem and dh1024.pem files.
<190> Oct 18 13:18:17 switch1-1 REDIRECT[redirectTask]: redirect_ctrl.c(649) 399 %% INFO Successfully loaded certificate(s) from sslt_cert1.pem into the Redirect Secure Server context.
<189> Oct 18 13:18:17 switch1-1 REDIRECT[redirectTask]: redirect_ctrl.c(630) 398 %% NOTE Successfully loaded private key from sslt_key1.pem into Redirect Secure Server.
<190> Oct 18 13:18:08 switch1-1 SSLT[ssltTask]: sslt_control.c(1424) 394 %% INFO SSLT Application is now ready to use.
<190> Oct 18 13:18:08 switch1-1 SSLT[ssltTask]: sslt_util.c(724) 393 %% INFO SSLT: Successfully loaded all required SSL PEM files
<189> Oct 18 13:18:08 switch1-1 SSLT[ssltTask]: sslt_control.c(380) 392 %% NOTE Generation and/or reading of the DH parameters and certificate generation started and it will take some time. Request to wait until the application is ready to use.
<190> Oct 18 13:18:03 switch1-1 SSLT[ssltCertGenTask]: sslt_util.c(1492) 391 %% INFO SSLT: verifying RSA key pair...
<190> Oct 18 13:17:56 switch1-1 SSLT[ssltCertGenTask]: sslt_util.c(1479) 390 %% INFO SSLT: creating server RSA key pair...
<190> Oct 18 13:17:06 switch1-1 General[procLOG]: procmgr.c(927) 389 %% INFO Application Started (opensshd, ID = 7, PID = 1656
<190> Oct 18 13:17:06 switch1-1 SSHD[sshdEvTask]: sshd_control.c(446) 388 %% INFO sshdEventAdminModeSet success, event=0
<189> Oct 18 13:17:06 switch1-1 General[procLOG]: procmgr.c(2689) 387 %% NOTE Administrative Command:app-start opensshd
<190> Oct 18 13:16:45 switch1-1 SSHD[sshdEvTask]: sshd_control.c(516) 382 %% INFO sshdEventKeyGenerateSet success, event=3
<190> Oct 18 13:16:38 switch1-1 SSHD[sshdEvTask]: sshd_control.c(516) 381 %% INFO sshdEventKeyGenerateSet success, event=3
<190> Oct 18 13:13:05 switch1-1 General[procLOG]: procmgr.c(3987) 371 %% INFO Application Terminated (opensshd, ID = 7, PID = 1636
<190> Oct 18 13:13:05 switch1-1 SSHD[sshdEvTask]: sshd_control.c(446) 370 %% INFO sshdEventAdminModeSet success, event=0
<189> Oct 18 13:13:05 switch1-1 General[procLOG]: procmgr.c(2700) 369 %% NOTE Administrative Command:app-stop opensshd
<190> Oct 18 13:12:55 switch1-1 CLI_WEB[emWeb]: cmd_logger_api.c(260) 367 %% INFO [CLI::EIA-232] Access level of user admin has been set to 15
<190> Oct 18 13:12:55 switch1-1 CLI_WEB[emWeb]: cmd_logger_api.c(260) 366 %% INFO [CLI::EIA-232] New user admin has been added
<190> Oct 18 13:12:55 switch1-1 USER_MGR[emWeb]: user_mgr.c(603) 365 %% INFO Password for user admin updated successfully
<190> Oct 18 13:12:29 switch1-1 CLI_WEB[emWeb]: cmd_logger_api.c(260) 360 %% INFO [CLI::EIA-232] Access level of user dell has been set to 15
<190> Oct 18 13:12:29 switch1-1 CLI_WEB[emWeb]: cmd_logger_api.c(260) 359 %% INFO [CLI::EIA-232] New user dell has been added
<190> Oct 18 13:12:29 switch1-1 USER_MGR[emWeb]: user_mgr.c(603) 358 %% INFO Password for user dell updated successfully
<190> Oct 18 13:12:29 switch1-1 USER_MGR[emWeb]: user_mgr.c(323) 356 %% INFO New user dell added successfully

 

 

Solution (1)

Accepted Solutions
3 Argentum

i found the issue

 

it are these line:

#username dell password admin123 privilege 15 encrypted

#username admin password admin123 privilege 15 encrypted

 

dont use the parameters encrypted and it works!

 

I was wondering why the passwords weren't encrypted in the config file. so i experimented with deleting and creating them.

 

Wow that cost a lot of time

View solution in original post

Community Accepted Solution
Reply (1)
3 Argentum

i found the issue

 

it are these line:

#username dell password admin123 privilege 15 encrypted

#username admin password admin123 privilege 15 encrypted

 

dont use the parameters encrypted and it works!

 

I was wondering why the passwords weren't encrypted in the config file. so i experimented with deleting and creating them.

 

Wow that cost a lot of time

Community Accepted Solution
Top Contributor
Latest Solutions