Mike1709156907 Posted November 7, 2019 Share Posted November 7, 2019 (edited) I have a brand new setup of two ADCs. One is 12.1 and the other is 13.0. Both are running on XenServer 8.0. I can connect to the ADCs using the GUI without any problems. I already configured reverse ICA, LB, etc. so far so good. The only problem that I encountered is connecting using PuTTY, WinSCP or FileZilla. ** In WinSCP, I get this message: "Network error: Software caused connection abort" and "Could not connect to server" the protocol is SFTP and the port is 22 as usual... ** In PuTTY, same error message as above. I am using the SSH and port 22 as well. ** In FileZilla, I get same error as well. There is no firewall and the NSIP and my jumpbox where I initiate the connection is on the same subnet. Most settings should still be at default. I checked the NSIP configuration under Network > IP > Configure IP and they are as expected, the Enable Management Access to support the below listed apps are all selected correctly: Telnet, SSH, GUI, FTP, SNMP are all checked. the "Allow access only to management applications" box is unchecked. "Secure Access Only" check box is unchecked. I also tried enabling management on the SNIP by ticking some of these boxes and then tried to connect using the SNIP but same issue as NSIP. Any suggestions on troubleshooting this would be appreciated. Edited November 7, 2019 by aosmantx Link to comment Share on other sites More sharing options...
Byron quotKeithquot Dalrymple Posted November 18, 2019 Share Posted November 18, 2019 Similar issue upon upgrading to 12.1.54.6 with these errors upon attempting to start the SSH daemon /etc/sshd_config line 18: Deprecated option UsePrivilegeSeparation /etc/sshd_config line 34: Bad SSH2 mac spec 'hmac-sha1,hmac-ripemd160' Has anyone else seen this issue? Link to comment Share on other sites More sharing options...
Sean Ritter Posted January 8, 2020 Share Posted January 8, 2020 I am having the same issue as @Byron quotKeithquot Dalrymple after upgrading firmware to 12.1.55.13. Were you able to resolve this? I'm assuming these lines need to be removed? In addition, after performing this upgrade, when performing any function in the GUI logged in as nsroot it is returning "not authorized to execute this command" Link to comment Share on other sites More sharing options...
MASON WITT Posted January 16, 2020 Share Posted January 16, 2020 We are seeing this as well after updating to 12.1 54.13. Have you figured anything out? Link to comment Share on other sites More sharing options...
Sean Ritter Posted January 16, 2020 Share Posted January 16, 2020 Yes, I had to connect with a serial cable and comment out these lines in /nsconfig/sshd_config one of which was added to address this false positive. https://support.citrix.com/article/CTX209398 #option UsePrivilegeSeparation #MACs hmac-sha1,hmac-ripemd160 When you connect with a serial cable and try to start ssh (/usr/sbin/sshd –f /etc/sshd_config) you will see errors like “/etc/ssh/sshd_config line 10: Deprecated option UsePrivilegeSeparation“ 2 Link to comment Share on other sites More sharing options...
MASON WITT Posted January 16, 2020 Share Posted January 16, 2020 Thanks Sean. I was hoping that wouldn't be the case. Guess I'm taking a drive to their location. Link to comment Share on other sites More sharing options...
Kee Xiong Wong Posted February 25, 2022 Share Posted February 25, 2022 On 1/17/2020 at 6:01 AM, Sean Ritter said: Yes, I had to connect with a serial cable and comment out these lines in /nsconfig/sshd_config one of which was added to address this false positive. https://support.citrix.com/article/CTX209398 #option UsePrivilegeSeparation #MACs hmac-sha1,hmac-ripemd160 When you connect with a serial cable and try to start ssh (/usr/sbin/sshd –f /etc/sshd_config) you will see errors like “/etc/ssh/sshd_config line 10: Deprecated option UsePrivilegeSeparation“ Can provide the Step how changes the file? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now