Showing results for 
Search instead for 
Did you mean: upgrade breaks CLISH if you have altered ssh port

Level 6

If your company is like ours and has as a security model adopted using ssh on a different port than the default 22 then when you upgrade the CLISH is broken for various commands. I have not investigated all the commands but a couple of prominent ones are Monitor > Hardware ShowStatus and Hardware ShowComponents along with Support > KillRemoteCall. The resolution is to edit the /etc/ssh/ssh_config to change the port there to the port that sshd is listening on.

If you have in the /etc/ssh/sshd_config Port 8222 then in the /etc/ssh/ssh_config you need to put in Port 8222. You need to make sure that the default Port 22 is commented out. No services need to be restarted. This is a change from 2.5.x where the CLISH just made internal calls. Now for certain calls it appears to issue an ssh remote command to the appliance itself and expects sshd to be listening. It is a good thing that the command did not hard code the script with port 22 but allowed the system to use the ssh_config values.

There is an ETrack that has been created to address this issue and the issue that the ssh_config and sshd_config were overwritten on this upgrade and may be on subsequent upgrades.