HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

Unable to ssh to IRF stack

 
stefano-meddi
Occasional Visitor

Unable to ssh to IRF stack

Hi all,

we have 4switches configured in IRF stack.

everything is working fine though we're unable to ssh into it. We already had enabled ssh from serial and assigned network admin roles to our users.

during connection to the switch we reiceved this error message:

"Connection to 10.128.101.1 closed by remote host.
Connection to 10.128.101.1 closed."

this is the actual configuration of the stack:

 sysname HPE 
# 
clock timezone Lisbon add 00:00:00 
clock protocol none 
# 
irf mac-address persistent timer 
irf auto-update enable 
undo irf link-delay 
irf member 1 priority 32 
irf member 2 priority 31 
irf member 3 priority 30 
irf member 4 priority 29 
# 
lldp global enable 
# 
password-recovery enable 
# 
vlan 1 
# 
irf-port 1/1  
#
 scheduler logfile size 16 
# 
line class aux 
user-role network-admin 
# 
line class vty 
user-role network-operator 
# 
line aux 0 3 
user-role network-admin 
# 
line vty 0 63 
user-role network-operator 
# 
ssh server enable 
sftp server enable 
ssh user admin service-type all authentication-type password 
ssh user prisma service-type all authentication-type password 
scp server enable 
# 
ntp-service source Vlan-interface1 
# 
radius scheme system 
user-name-format without-domain 
# 
domain system 
# 
domain default enable system 
# 
role name level-0 
description Predefined level-0 role 
# 
role name level-1 
description Predefined level-1 role 
# 
role name level-2 
description Predefined level-2 role 
# 
role name level-3 
description Predefined level-3 role 
# 
role name level-4 
description Predefined level-4 role 
# 
role name level-5 
description Predefined level-5 role 
# 
role name level-6 
description Predefined level-6 role 
# 
role name level-7 
description Predefined level-7 role 
# 
role name level-8 
description Predefined level-8 role 
# 
role name level-9 
description Predefined level-9 role 
# 
role name level-10 
description Predefined level-10 role 
# 
role name level-11 
description Predefined level-11 role 
# 
role name level-12 
description Predefined level-12 role 
# 
role name level-13 
description Predefined level-13 role 
# 
role name level-14 
description Predefined level-14 role 
# 
user-group system 
# 
local-user admin class manage 
password hash ********
service-type ssh telnet terminal http https 
authorization-attribute user-role security-audit 
password-control aging 365 
password-control login-attempt 10 exceed lock-time 1 
# 
local-user prisma class manage 
password hash ************************* 
service-type ssh telnet terminal http https 
authorization-attribute user-role level-3 
authorization-attribute user-role network-admin 
authorization-attribute user-role network-operator 
password-control aging 365 
password-control login-attempt 10 exceed lock-time 1 
# 
ftp server enable 
# 
ip http enable 
# 
return  

thanks in advance.

Best regards

1 REPLY
VoIP-Buddy
HPE Pro

Re: Unable to ssh to IRF stack

Stefano,

You are missing authenticaion-mode scheme on a line vty.

Did you generate the public keys?  If not, use the public-key local create command.

David