APC network devices, ssh and OS X

Connecting to APC network devices via SSH from Mac OS X

Mon, 08 Jun 2009

I've got an APC AP7920 Switched PDU that I couldn't connect to via SSH from my Mac OS X machine (Mac OS X 10.5.6 / OpenSSH 5.1p1).

I could connect via a web browser from my Mac so I knew it couldn't be just a faulty network interface. And I could also SSH from my iPhone and a CentOS box (OpenSSH 4.3p2), so SSH was enabled and working on the PDU.

When first connecting to the unit via SSH it would take quite a while (15-20 seconds) before getting a password prompt. After typing in the password I'd get a 'Connection reset by peer' and be chucked back to the terminal prompt.

ssh -l user pdu.domain.com
Authenticated with partial success.
user@pdu.domain.com's password:
Read from remote host pdu.domain.com: Connection reset by peer
Connection to pdu.domain.com closed.

After much trial and error, googling, firmware updates and reboots I was no further ahead. Various combinations of SSH v1, v2, and encryption algorithm settings were configured on the PDU web interface without success.

Then I found someone else who was having a similar issue ( http://www.gossamer-threads.com/lists/openssh/dev/44263 ). Commenting out a snippet of code and recompiling fixed their issue. As a Mac user I didn't feel like having to edit code and recompile, so luckily after a bit more reading I found a clue in the release notes for OpenSSH 5.1 ( http://www.openssh.com/txt/release-5.1 ). This new security feature ("no-more-sessions@openssh.com") is only sent 'when the client knows that it will never request another session (i.e. when session multiplexing is disabled).'

That, combined with something I'd read in the ssh man pages, led me to try adding the -M switch to my ssh command.

And it worked.

The -M switch makes ssh go 'into "master" mode for connection sharing', which prevents it from sending the offending "no-more-sessions@openssh.com" request that the APC SSH server doesn't like.

ssh -M -l user pdu.domain.com
Authenticated with partial success.
user@pdu.domain.com's password:

American Power Conversion Network Management Card AOS v3.7.0
(c) Copyright 2008 All Rights Reserved Rack PDU APP v3.7.0

It still takes 15-20 seconds to connect, but at least it works now. 8)

Adding the -M switch may also help with other devices that use embedded SSH servers (some HP Printers, Netscreen routers, etc.).

So if you've been struggling with SSH and your APC devices, hopefully this will work for you too.

If it doesn't then try the only other working combo I found. Turn on SSH v1 on the PDU, then connect using:

ssh -1 -c blowfish -l user pdu.domain.com

This will force you to connect using SSHv1 and blowfish, which isn't as secure as SSHv2.
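
To confirm that a device is hitting the no-more-sessions problem described above rather than some other reset, the output of `ssh -v` can be checked for the request followed by the reset. The shell function below is an added example, not part of the original post; the function names and sample log lines are constructed, and it assumes the client logs the request as `debug1: Requesting no-more-sessions@openssh.com`.

```shell
# Added example, not from the original post.
# Classify an `ssh -v` debug log read from stdin:
#   nms-reset   : client sent no-more-sessions@openssh.com, then the peer reset
#   other-reset : connection was reset but the request was never sent
#   no-reset    : no reset seen in the log
classify_ssh_log() {
    awk '
        /Requesting no-more-sessions@openssh\.com/ { requested = 1 }
        /Connection reset by peer/ { reset = 1; if (requested) after = 1 }
        END {
            if (after)      print "nms-reset"
            else if (reset) print "other-reset"
            else            print "no-reset"
        }'
}

# Constructed sample logs (hostname taken from the post, debug lines abbreviated).
sample_without_M() { cat <<'EOF'
debug1: Authentication succeeded (password).
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
Read from remote host pdu.domain.com: Connection reset by peer
Connection to pdu.domain.com closed.
EOF
}

sample_with_M() { cat <<'EOF'
debug1: Authentication succeeded (password).
debug1: Entering interactive session.
American Power Conversion Network Management Card AOS v3.7.0
EOF
}

sample_without_M | classify_ssh_log
sample_with_M | classify_ssh_log
```

Against a real device, capture the log with `ssh -v -l user pdu.domain.com 2>&1 | tee ssh.log` and run `classify_ssh_log < ssh.log`.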
