Alcatel Unleashed

Dear All,

Could you please help me about my SSH sessions ?

When I logged in to my backbone which is Alcatel 9700, via SSH sessions it is OK , I have no problem with connecting my backbone. However previously I can login to my floor switches by creating additional ssh sessions via CLI of 9700 but now I cant. I get the following eror ,

" SSH is already in use"
"Call to SSH failed"

This is production switches and I cant reboot them randomly

Please Help
Regards

Maybe there are to many ssh sessions still open. Max is 4.
when your session timeout is to long than it takes ....
you can connect vio console and check the sessions with "who". Now you are able to "kill" them too.
regards
Silvio

Hello Silvio,

Thanks for your reply, I really appreciate it and need help. I have checked the issue with who and whoami but When I've checked my IP address I am the only session ID and no need to kill the other sessions I guess.

Here are some commands and maybe these commands make you understand the picture a little bit.

Thanks for your help in advance

Alcatel_9700-> who
Session number = 0
User name = (at login),
Access type = console,
Access port = Local,
IP address = 0.0.0.0,
Read-only domains = None,
Read-only families = ,
Read-Write domains = None,
Read-Write families = ,
End-User profile =
Session number = 2
User name = admin,
Access type = ssh,
Access port = NI,
IP address = 10.0.11.130,
Read-only domains = None,
Read-only families = ,
Read-Write domains = All ,
Read-Write families = ,
End-User profile =

Alcatel_9700-> show ssh config
SSH = Enabled
SCP/SFTP = Enabled
Public Key Authentication Enforced = False

Alcatel_9700-> show ip service

Name Port Status
----------------------+-------+---------
ftp 21 enabled
ssh 22 enabled
telnet 23 disabled
udp-relay 67 enabled
http 80 disabled
network-time 123 enabled
snmp 161 enabled
avlan-telnet 259 enabled
avlan-http 260 enabled
avlan-secure-http 261 enabled
secure-http 443 disabled
avlan-http-proxy 262 enabled


This is the error that I get as follows

Alcatel_9700-> ssh 10.0.0.6
SSH is already in use.
ERROR: Call to ssh failed.

show log swlog appid ssh session

TUE OCT 22 14:41:48 2019 SSH info Session 54, Session Deleted
TUE OCT 22 14:46:34 2019 SSH info Session 55 New SSH Connection fr om 10.0.11.130 port 63916
TUE OCT 22 14:46:34 2019 SSH error [SSH 55] no hostkey alg
TUE OCT 22 14:46:37 2019 SSH info Session 55, Session Deleted
TUE OCT 22 14:46:57 2019 SSH info Session 56 New SSH Connection fr om 10.0.11.130 port 63916
TUE OCT 22 14:47:14 2019 SSH info Session 56, Session Deleted
TUE OCT 22 14:59:30 2019 SSH info Session 57 New SSH Connection fr om 10.0.11.130 port 63916
TUE OCT 22 14:59:33 2019 SSH info Session 57, Session Deleted
WED OCT 23 07:16:50 2019 SSH info Session 58 New SSH Connection fr om 10.0.11.130 port 63916
WED OCT 23 07:21:30 2019 SSH info Session 58, Session Deleted
WED OCT 23 09:13:16 2019 SSH info Session 59 New SSH Connection fr om 10.0.11.130 port 63916
WED OCT 23 09:13:39 2019 SSH info Session 59, Session Deleted
WED OCT 23 13:16:32 2019 SSH info Session 60 New SSH Connection fr om 10.0.11.130 port 63916
WED OCT 23 13:16:54 2019 SSH info Session 60, Session Deleted
WED OCT 23 14:55:14 2019 SSH info Session 61 New SSH Connection fr om 10.0.1.69 port 63916
WED OCT 23 14:56:04 2019 SSH info Session 61, Session Deleted
SAT OCT 26 12:11:42 2019 SSH info Session 62 New SSH Connection fr om 10.0.11.130 port 63916
SAT OCT 26 12:12:03 2019 SSH info Session 62, Session Deleted
SUN OCT 27 14:48:31 2019 SSH info Session 63 New SSH Connection fr om 10.0.1.47 port 63916
SUN OCT 27 14:52:58 2019 SSH info Session 63, Session Deleted
MON OCT 28 08:02:16 2019 SSH info Session 1 New SSH Connection fro m 10.0.11.130 port 63916
MON OCT 28 08:03:26 2019 SSH info Session 1, Session Deleted
MON OCT 28 08:04:29 2019 SSH info Session 2 New SSH Connection fro m 10.0.11.130 port 63916
MON OCT 28 08:29:43 2019 SSH info Session 2, Session Deleted
MON OCT 28 08:43:26 2019 SSH info Session 3 New SSH Connection fro m 10.0.11.130 port 63916


Thanks for your precious support in advance

So I understand that the ssh problem is not direct at your core but on your access switches. Are you able to ssh direct from your pc to this switches? if necessare serial to one of the switch and:
who
show ip services
show aaa authentication
show configuration snapshot qos

BR Silvio

Unfortunately, I don't have direct SSH to my Access Switches but I will try rebooting the core chassis and I will share the outcome with you but it is a production environment and I have to reboot it in a suitable time

Regards

Dear Silvio,

After rebooting the Chassis, the SSH problem didn't occurred again we can do our ssh sessions. But after 1 week later it did the same problem again.

We are investigating it, the only configuration change in main Chassis is; "we implement an inventory management software which takes SNMP information from the Chassis." I know it sounds illogical but the only application change is that specific software. Now we shall disable the inventory management software and reboot the Chassis again.

I will write here the update.

Best Regards