Junos OS

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  MX10003 SSH issues / SSHD

    Posted 04-20-2020 17:37

    Hello community

     

    I have a Juniper MX10003 (running 17.4R2.4) that suddenly stopped to reply ssh login requests, only Telnet is allowed.

     

    I can see dozens of sessions on "show system users" output. I am trying to remove them manually but SSH still does not work.

     

    There are also dozens of SSH sub-processes on the "show system processes extensive | match sshd" output

     

    NOTE: Sessions have the deault timeout, no access-lists, profiles, etc and I do not know shy sessions remain active after hours of innactivity.

     

    Is there any way to restart whole SSH service? Any suggestion?

     

    Thanks in advance.

    - JoseM

     

     

     


    #SSHSSHD


  • 2.  RE: MX10003 SSH issues / SSHD

     
    Posted 04-20-2020 18:09

    Hi ,

     

     

     

    have you tried to restart MGD daemon?

     

    please save  RSI for future reference

    request support information |no-more |save pre-MGD_kill_RSI

     

    Then use below command to find out the MGD PID then try to kill it in shell server.

     

    show system processes extensive|match mgd

     

    start shell user root

    <password>

     

    # kill <pid>



  • 3.  RE: MX10003 SSH issues / SSHD
    Best Answer

    Posted 04-20-2020 22:37

    Hello,

     


    @jmiguelhp wrote:

     

    I have a Juniper MX10003 (running 17.4R2.4) that suddenly stopped to reply ssh login requests, only Telnet is allowed.

     

    I can see dozens of sessions on "show system users" output. I am trying to remove them manually 

     

     

    Do You have perhaps an automation server/NMS server that (re)logs in automatically when its session is cleared/dropped?

    Are the source IPs all the same or different as displayed in "show system users" output?

     

     


    @jmiguelhp wrote:

     

    NOTE: Sessions have the deault timeout,

     

     

    JUNOS default is no login timeout, You need to configure one explicitly in [system login class] stanza.

    Server-side SSH keepalives are also a good idea.

     

     


    @jmiguelhp wrote:

     

     

    Is there any way to restart whole SSH service? Any suggestion?

     

     

    Of course.

     

    deactivate system services ssh
    commit
    activate system services ssh
    commit

     

    HTH

    Thx

    Alex



  • 4.  RE: MX10003 SSH issues / SSHD

    Posted 04-21-2020 13:47

    Thanks both guys, I desabled and enabled ssh and this fixed the issue. 

     

    BR // JM