Junos OS

Hello community

I have a Juniper MX10003 (running 17.4R2.4) that suddenly stopped to reply ssh login requests, only Telnet is allowed.

I can see dozens of sessions on "show system users" output. I am trying to remove them manually but SSH still does not work.

There are also dozens of SSH sub-processes on the "show system processes extensive | match sshd" output

NOTE: Sessions have the deault timeout, no access-lists, profiles, etc and I do not know shy sessions remain active after hours of innactivity.

Is there any way to restart whole SSH service? Any suggestion?

Thanks in advance.

- JoseM

Hi ,

have you tried to restart MGD daemon?

please save  RSI for future reference

request support information |no-more |save pre-MGD_kill_RSI

Then use below command to find out the MGD PID then try to kill it in shell server.

show system processes extensive|match mgd

start shell user root

<password>

# kill <pid>

Hello,

---

@jmiguelhp wrote:

 

I have a Juniper MX10003 (running 17.4R2.4) that suddenly stopped to reply ssh login requests, only Telnet is allowed.

 

I can see dozens of sessions on "show system users" output. I am trying to remove them manually 

 

Do You have perhaps an automation server/NMS server that (re)logs in automatically when its session is cleared/dropped?

Are the source IPs all the same or different as displayed in "show system users" output?

---

@jmiguelhp wrote:

 

NOTE: Sessions have the deault timeout,

 

JUNOS default is no login timeout, You need to configure one explicitly in [system login class] stanza.

Server-side SSH keepalives are also a good idea.

---

@jmiguelhp wrote:

 

 

Is there any way to restart whole SSH service? Any suggestion?

 

Of course.

deactivate system services ssh
commit
activate system services ssh
commit

HTH

Thx

Alex

Thanks both guys, I desabled and enabled ssh and this fixed the issue. 

BR // JM