Sometimes you need to disconnect someone’s ssh session to a Cisco ASA. This may be needed because users haven’t logged out properly and have taken up all the sessions allowed.
Check Usage Limits
You can check usage limits by seeing how many sessions the ASA thinks are connected.
|
In this case the ASA can only connect 5 years and it thinks there are 5 sessions open and therefore it cannot connect any more.
There’s a bug that doesn’t properly release sessions from the ASA. https://bst.cloudapps.cisco.com/bugsearch/bug/CSCsm68097
Show current ssh sessions
To display all ssh sessions connected run this command.
|
Disconnect user
If you want to disconnect user henry, find the SID and use this command:
|
Comments