OPERATIONAL DEFECT DATABASE
...
...
Firepower device that has been upgraded multiple times may be inaccessible via ssh. sshd errors occur similar to the following sshd[4703]: error: openpty: No such file or directory sshd[4714]: error: session_pty_req: session 0 alloc failed
During a previous upgrade, a latent issue was introduced by corruption the devpts line in /etc/fstab, similar to the following: devpts /dev/pts devpts mode=6.2.3,gid=5 0 0 The corrupted entries will be fixed during the upgrade path through 6.2.3.12. However, if that path is skipped and if the device is upgraded directly from <6.2.x to 6.4.0 issue may be present. Please follow the workaround steps to correct it.
1. Login to ASA and attach to SFR module console by running "session sfr console" 2. Login and go to expert mode by running 'expert' command 3. Run "sudo -i" to get the root credentials 4. Edit /etc/fstab and find the line starting with "none /dev/pts devpts" 5. Delete that line and replace it with "none /dev/pts devpts gid=5,mode=620 0 0" 6. Check if CDROM entry is corrupted, change it to "/dev/cdrom /mnt/cdrom iso9660 noauto,owner,nosuid,nodev,ro 0 0" 7. Inspect UUID field if anything corrupted. Run "blkid | grep swap | awk -F'[= "]' '{print $4}'" to print swap UUID and replace the string if necessary. 8. Save and exit from the editor. 9. Run "mount -a" to remount /dev/pts 10. Run "mount | grep pts" to make sure that /dev/pts is remounted. 11. ssh into the box should be working at this point.
N/A
Cisco Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
