Cannot create SSH host keypair in ProxySG Management Console

book

Article ID: 169324

calendar_today

Updated On:

Products

Asset Management Solution ProxySG Software - SGOS

Issue/Introduction

In some SGOS 6.5.x releases, the Create button (in the Management Console, select Configuration > Authentication > Console Access > SSH Host) is unavailable.
If there is no existing SSH keypair, you are also unable to log in to the appliance through SSH to create a new keypair.

Resolution

Perform the following steps.

Step 1 - Connect to the CLI

Connect to the appliance command line interface (CLI) using one of the following methods:
  1. (Recommended; this is the most secure method) Connect through a serial console connection.
  2. Create a temporary Telnet management service; see KB article 000008745. Specify the settings:
IP address: the appliance IP address
Port: the default Telnet port 23

Warning: Telnet connections are insecure, as all data is sent between the client and the proxy in plain text. If you use this option, remember to disable the Telnet management service after completing this procedure.

Step 2 - Create the keypair in the CLI

Log in to the CLI and issue the following commands:

ProxySG>enable
        Enable Password:
        ProxySG#config t
        Enter configuration commands, one per line.  End with CTRL-Z.
        ProxySG#(config)ssh-console
        ProxySG#(config ssh-console)create host-keypair sshv2
          ok
        ProxySG#(config ssh-console)exit
        ProxySG#(config)exit
        ProxySG#


Step 3 - Verify that the keypair was created in the Management Console

Log in to the Management Console and look for the keypair (Management Console > Configuration > Authentication > Console Access > SSH Host).