SSH authentication issues

stuh84 · October 14, 2013, 7:59am

Hey all,

I currently have an issue with SSH on an estate of routers. We have our public keys on them, but every so often, the routers will not accept our logins. When this happens, we can log in to the router with the username “admin” and no password. Any attempt to change the admin password and put the keys back on is futile as after around 10-20 minutes the keys disappear and it goes back to only being accessible via the passwordless admin login.

At the same time, we also see that no files are able to be created (exporting configuration to a file fails for example), so it appears like the memory has gone into some form of read only mode. To “fix” these routers, a reboot solves the issue. However some of the routers that have been rebooted exhibit the same symptoms a few weeks later (not always, its very random as to if it will happen again).

The RouterOS on these isn’t the latest (a mixture of 5.12 and 5.14 on the estate of about 50 routers), but I have seen worse SSH issues with newer versions so I’m not going to upgrade just yet without good reason.

Has anyone seen anything similar to this, and if there is a way to fix this permanently? If it does require upgrade the estate then thats fine, just so long as its definitely been fixed in a release.

janisk · October 14, 2013, 9:30am

first of the use latest version in the series. Also, make sure that you are the only management connection to the router at the time of configuration. We have never seen such behaviour as you describe it, unless, someone is logged in and changes configuration.

stuh84 · October 14, 2013, 10:01am

No configuration changes at all, this happens randomly. This isn’t someone going on and changing details, this is the routers randomly becoming inaccessible with previously correct logins.

To add to this, I get a very different SSH failure reason. This is an example of what happens when I use an incorrect username on a random router: -

ssh showlette@ROUTERIP
showlette@ROUTERIP's password:

When the problem happens, I get the following instead

ssh showlette@ROUTERIP
Received disconnect from ROUTERIP: 14:

Have there been any fixes to SSH in RouterOS since 5.12 or 5.14? I am skeptical of upgrading given two of the routers I have on a later version has an even worse bug (cannot get a prompt to input commands, only the SSH banner comes up and then hangs). Unless its confirmed SSH changes have been made in later releases, I’m not going to upgrade just to hope it’ll fix the issue.