SRX

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  SSH doesn't work

    Posted 07-20-2016 09:33

    Hi everybody.

     

    Today I wanted implement ssh authentication ssh-rsa configuring my rsa-key. After that, ssh didn't work and I decided to rollback the config. After the rollbacl I'm not able to access to the firewal via ssh as before. I receive the message "Connection refused by remote host".This is my conf. Any suggestion?

     

    set system services ssh root-login allow

    [...]

    set security address-book YOTI-OFFICE address YOTI-1 77.89.191.176/29
    set security address-book YOTI-OFFICE address YOTI-2 80.169.112.24/29
    set security address-book YOTI-OFFICE address-set ASET-YOTI-OFFICE address YOTI-1
    set security address-book YOTI-OFFICE address-set ASET-YOTI-OFFICE address YOTI-2
    set security address-book YOTI-OFFICE attach zone untrust
    set security address-book global address LAN 172.16.0.0/24
    set security address-book global address RASPI 172.16.0.2/32

    [...]

    set security policies from-zone trust to-zone untrust policy trust-to-untrust match source-address any
    set security policies from-zone trust to-zone untrust policy trust-to-untrust match destination-address any
    set security policies from-zone trust to-zone untrust policy trust-to-untrust match application any
    set security policies from-zone trust to-zone untrust policy trust-to-untrust then permit

    [...]

    set security zones security-zone untrust host-inbound-traffic system-services ssh
    set security zones security-zone untrust interfaces at-1/0/0.0 host-inbound-traffic system-services ssh

     


    #ssh


  • 2.  RE: SSH doesn't work

     
    Posted 07-20-2016 21:11

    Can you try regenerating the SSH keys.

     

     

    At shell prompt enter the following commands:


    user@switch%ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
    user@switch%ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

     

    Ref: https://kb.juniper.net/InfoCenter/index?page=content&id=KB24078&actp=search

     



  • 3.  RE: SSH doesn't work

    Posted 07-21-2016 02:30

    Still no luck

     

    federico@federico:~$ ssh federicolivieri.noip.me
    ssh_exchange_identification: Connection closed by remote host

     

     

    login {
    user federico {
    full-name "Federico Olivieri";
    uid 2003;
    class super-user;
    authentication {
    ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAB9TZ/O3Akzb78CY8ExihPJkW6oWsihL30VS1B1ZY6bMiytRnn4Exn58Y1NbxwjMzKae3Ybn1IdLusJFPriDza8w2280nWSWdGVG/7gMNKxMFn0GAGyg5ciN5PfDsBEALZyjM5l1KRCe8NibVypnt4sY6oFonOapzzcWiLAujw/xs++dGUXtCoRegHSZaH5KmSds8vLEdP/045O3ScFKWz2K2vwbQ1kL3gV5GQOR0TG5JLf08eYUDUaIH7JXggP6yLKi1c500mUm5E/yeXyZSjScC0d0th3IFCIuKumG7sg9DKLirxYUdJfd4P061v9Z/Hgdyiniqrgm7TGrPpVHFjDFV02XxGkPHsFWF6wzp433g7ELciz7TdkRXdSe+5Ab56tWisUCZvQusVc6bKQz2VedW5JgS9JTLRA/fGjszf8rqhtsGDnTS6Pqlazny6MXpKnwwr5sNDskfrQI9gmusHWLxW8QSfNDidYoNvhhvsk0sBDFVwe+JmLAqXhWZsBI6cEhC/RLfgt1WXtWagGTZ7U0zOztUTwmNg5ZzznqEnRMWeOsYBabj+5MNUK/cGMW0i1jHMqnoOHGfutrWkdNZE08xpx3hvrDJEZFpuccji1igKpneja7k+dFk7o8TFoKD5tFkqQtXlWwkarG7eKUKdYL2+EBCmbw== federico@federico"; ## SECRET-DATA