HPE Community
Switches, Hubs, and Modems
1753909 Members
8674 Online
108810 Solutions
New Discussion юеВ

Problem with 2500s using CLI feature in PCM with SSH

 
swaize
Frequent Advisor

тАО03-24-2009 03:19 AM

тАО03-24-2009 03:19 AM

Problem with 2500s using CLI feature in PCM with SSH

Have recently started the process of upgrading the security on 2500's by adding SSH access.

Ran into some problems in PCM whereby it does not enable the SSH option for these switches in the software.

This is resolved with the solution given here:
http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1237892536259+28353475&threadId=974838

However, once past this stage I run into further problems where by I cannot use the CLI feature in PCM to issue commands to SSH'd 2500s.

SSH does work though, through putty and if you directly SSH via PCM i.e If I right click switch and choose 'SSH to device', I get in.

It is only when I use the CLI fature and PCM tries to SSH itself that it does not work.

It simply hangs at this stage indefinitely. Same also occurs, when perforing 'Test Communication Parameters' in PCM.

I believe it could be something along the lines of the first solution, where by some config settings need changing to tell PCM how to talk to SSH'd 2500s when accessing through CLI feature.

Can any one help?
0 Kudos
2 REPLIES 2
Javed Padinhakara
Respected Contributor

тАО03-24-2009 03:59 AM

тАО03-24-2009 03:59 AM

Re: Problem with 2500s using CLI feature in PCM with SSH

swaize,

What is the mode you have selected while configuring CLI communication parameters in PCM for that device?
For SSH Mode of communication, we can select either the authentication to happen via password or via certificates.

So if you would like to set the authentication part to be using certificates, make sure you follow these steps:

Usually, the following steps are performed to setup the SSH communication
1) Generate Key in PCM ( Global Preferences > Device Access > SSH Key )
2) Copy the key file ( will be created under server\config directory, by the name procurveSSH2.pub ) to the switch via tftp. Confirm it has been correctly copied by doing a "show cryto client-public key"
3) Generate key in the switch ("crypto key generate ssh....")
4) Copy the key from switch (do a "show crypto host-public-key fingerprint" and copy it ) and set it in PCM for the device via Device Manager>"Communication parameters in PCM" and pasting the key in the textbox.
5) Now do a "Test communication paramters" on the device using Device Manager feature to make sure the communication parameters have been successfully set.

Check out by applying the above steps and then attempting a Scan.

Let know if that helped?
Javed


0 Kudos
swaize
Frequent Advisor

тАО03-25-2009 02:40 AM

тАО03-25-2009 02:40 AM

Re: Problem with 2500s using CLI feature in PCM with SSH

Have looked more at this.

Is not any problem with the set ups or configs on the switches. ssh works fine using an ssh client outside of pcm such as putty.

For some reason PCM is hanging when I scan certain 2500's that have SSH set up on them.

I say sort of because, it does not hang completely. It just halts at the ssh stage when doing a 'test communications parameters' in PCM.

From then on you cannot run this function on any device, ssh or not. It just sits at scheduled until I reboot the server.

Starting to think it's a bug, and therefore not much I can do about it.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.