Guest

Preview Tool

Cisco Bug: CSCvv28540 - ASR9K sending SSH identification string which is terminated by LF charactor and doesn't contain CR

Last Modified

Sep 28, 2020

Products (11)

  • Cisco ASR 9000 Series Aggregation Services Routers
  • Cisco ASR 9910 Router
  • Cisco ASR 9922 Router
  • Cisco IOS XR Software
  • Cisco ASR 9010 Router
  • Cisco ASR 9904 Router
  • Cisco ASR 9006 Router
  • Cisco ASR 9901 Router
  • Cisco ASR 9001 Router
  • Cisco ASR 9906 Router
View all products in Bug Search Tool Login Required

Known Affected Releases

7.1.1.BASE

Description (partial)

Symptom:
The customer faced issue with NSO while adding the ASR9K device with eXR version 7.1.15. The NSO is not able to fetch the SSH host key from the ASR9K device.

While troubleshooting the issue it was found that the ASR9K is sending the identification string which is terminated by single LF character and doesn't contain the CR character. Hence the NSO is rejecting the same.

As per RFC 4253, the  The identification MUST be terminated by a single Carriage Return (CR) and a single Line Feed (LF) character (ASCII 13 and 10, respectively).


https://tools.ietf.org/html/rfc4253#section-4.2

Checked the behavior in the lab router while doing ssh to the ASR9K from the MAC laptop. The MAC (SSH client) is sending the identification string which is terminated by CR and LF. Where as the ASR9K is sending the identification string which is terminated by only LF.

Conditions:
None
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.