Symptom

An SSH session to a switch does not terminate when exited. This may lead to a build up of stale SSH sessions preventing further logins once the session limit is reached.

Conditions

This issue may occur on Nexus 5000, 6000, 7000, 9000 and MDS switches when SSH is used to connect to the switch. DCNM and Cisco PRIME makes such connections to monitored switches periodically during normal operation which can lead to consumption of all SSH sessions.

Workaround

To prevent the issue occurring in new SSH sessions, configure a non-default timeout value after opening the session using the terminal session-timeout command. This may work in some cases. To clear the issue once it has occurred, either: 1) in a dual supervisor system perform a supervisor switchover using the system switchover command, or 2) disable the SSH feature using the no feature sshd command and then reconfigure it. To automatically clear this issue on a regular basis, configure a periodic EEM script to disable and reconfigure SSH. Neither of these steps prevent the issue recurring.

Further Problem Description