Unable to SSH into the Edge SWG (ProxySG) appliance

Article ID: 167051

Products

Advanced Secure Gateway Software - ASG
ProxySG Software - SGOS

Issue/Introduction

Unable to SSH into the Edge SWG (ProxySG) appliance
How come I am unable to SSH into my Edge SWG (ProxySG) appliance?
 

Resolution

There are several possible reasons why you cannot SSH into your Edge SWG (ProxySG). Check the following:

  • Make sure the workstation allows SSH traffic.
  • Make sure any firewall between the workstation and the Edge SWG (ProxySG) allows SSH traffic.
  • Make sure the Edge SWG (ProxySG) SSH host information is populated and correct.

 

On the Edge SWG (ProxySG) device, make sure the SSH v2 information is populated. If it is not, create an SSH v2 key pair. The steps below verify that this is functioning as expected.

SGOS 6.x - From the Management Console

  1. Go to the Management Console (https://<ip.address.of.proxysg>:8082/) and log in.
  2. Go to the Configuration tab > Authentication > SSH Inbound Connection.
  3. Look at the box labeled "SSHv2 Host Key Pair". If this box is blank, click the "Create" button. Once the key pair has been created, SSH access should work. The SSH key pair should start with something such as "ssh-rsa", followed by a long string of random-looking text.
  4. Test that you are able to SSH into the device with the new key. NOTE: If you receive an error message when attempting to log in to the system after regenerating the host key pair, locate the SSH known hosts file and delete the system's IP address entry. The exact procedure may differ depending on the application that you use to connect to the Edge SWG (ProxySG).
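The known hosts cleanup in step 4, as an added example that is not part of the original article or any Broadcom tooling: it compares each known_hosts entry for the appliance with the public key copied from the "SSHv2 Host Key Pair" box, so that only entries still carrying the old key are deleted. The address 192.0.2.10, the sample keys and all function names are constructed for illustration, and host matching is exact (no wildcard or [host]:port patterns).

```python
import base64, hashlib, hmac, struct

def fingerprint(pubkey_line):
    """OpenSSH-style SHA256 fingerprint of a 'ssh-rsa AAAA...' public key line."""
    key_type, b64 = pubkey_line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    (n,) = struct.unpack(">I", blob[:4])  # blob starts with a length-prefixed type name
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type label does not match the key blob")
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

def host_matches(field, host):
    """True if a known_hosts host field names host (exact match only)."""
    if field.startswith("|1|"):  # HashKnownHosts entry: |1|base64(salt)|base64(HMAC-SHA1)
        _, _, salt, mac = field.split("|")
        want = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(want, base64.b64decode(mac))
    return host in field.split(",")

def check_known_hosts(text, host, console_key):
    """Return (stale, current): 1-based line numbers of entries for host whose key
    differs from / equals the public key copied from the Management Console."""
    expected = fingerprint(console_key)
    stale, current = [], []
    for no, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if len(parts) < 3 or parts[0].startswith(("#", "@")):
            continue  # skip comments, marker lines and malformed entries
        if host_matches(parts[0], host):
            same = fingerprint(" ".join(parts[1:3])) == expected
            (current if same else stale).append(no)
    return stale, current

def _sample_key(tag):
    # Constructed blob with a valid type header; not a real RSA key.
    return "ssh-rsa " + base64.b64encode(struct.pack(">I", 7) + b"ssh-rsa" + tag).decode()

OLD_KEY, NEW_KEY = _sample_key(b"constructed-old"), _sample_key(b"constructed-new")
SAMPLE_KNOWN_HOSTS = "\n".join([  # constructed; 192.0.2.x is a documentation range
    "# workstation known_hosts",
    "192.0.2.10 " + OLD_KEY,
    "proxy.example.test,192.0.2.10 " + NEW_KEY,
    "192.0.2.20 " + OLD_KEY,
])

if __name__ == "__main__":
    print(check_known_hosts(SAMPLE_KNOWN_HOSTS, "192.0.2.10", NEW_KEY))
```

The value returned by `fingerprint()` for the key shown in the Management Console can also be compared with the fingerprint the SSH client displays when it first connects after the key was regenerated.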

 

Checking the Edge SWG (ProxySG) Sysinfo:

  1. Go to https://<ip.address.of.proxysg>:8082/sysinfo
  2. Search for the following text:

 

!- BEGIN ssh
ssh-console ;mode
delete host-keypair sshv2
exit

 

If the SSH v2 host key pair was deleted, the text above appears in the sysinfo. If it is intact, the text above does not exist in the sysinfo. So if you search for ssh-console and do not see a section of text like the one above, the host key pair is still intact.

Note - When the SSH v2 host key pair is not present in the current configuration (i.e. deleted or not initialized properly), SGOS may also not populate the information correctly in the Management Console (Java UI). In that case the SSH v2 host key pair cannot be created via the Management Console. A serial console connection to the device is needed to create or renew the SSH v2 host key pair, and the CLI commands shown above can be used.