The IOS on the switch that doesn't work: 15.2(1)E1ĭebug1: Reading configuration data /Users/walwar/.ssh/configĭebug1: /Users/walwar/.ssh/config line 105: Applying options for XXX-3750ĭebug1: Reading configuration data /usr/local/etc/ssh/ssh_configĭebug2: resolve_canonicalize: hostname 172.20.13.1 is addressĭebug1: Connecting to 172.20.13.1 port 22.ĭebug1: identity file /Users/walwar/.ssh/id_rsa type 0ĭebug1: identity file /Users/walwar/.ssh/id_rsa-cert type -1ĭebug1: identity file /Users/walwar/.ssh/id_dsa type -1ĭebug1: identity file /Users/walwar/.ssh/id_dsa-cert type -1ĭebug1: identity file /Users/walwar/.ssh/id_ecdsa type -1ĭebug1: identity file /Users/walwar/.ssh/id_ecdsa-cert type -1ĭebug1: identity file /Users/walwar/.ssh/id_ed25519 type -1ĭebug1: identity file /Users/walwar/.ssh/id_ed25519-cert type -1ĭebug1: identity file /Users/walwar/.ssh/id_xmss type -1ĭebug1: identity file /Users/walwar/.ssh/id_xmss-cert type -1ĭebug3: hostkeys_foreach: reading file "/Users/walwar/.ssh/known_hosts"ĭebug3: record_hostkey: found key type RSA in file /Users/walwar/.ssh/known_hosts:38ĭebug3: load_hostkeys: loaded 1 keys from 172.20.13.1ĭebug3: order_hostkeyalgs: prefer hostkeyalgs: send packet: type 20ĭebug2: KEX algorithms: host key algorithms: ciphers ctos: ciphers stoc: MACs ctos: MACs stoc: compression ctos: compression stoc: languages ctos:ĭebug2: KEX algorithms: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1ĭebug2: ciphers ctos: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbcĭebug2: ciphers stoc: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbcĭebug2: MACs ctos: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96ĭebug2: MACs stoc: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96ġ. Here is the complete output from my client. IOS Keys in SECSH format(ssh-rsa, base64 encoded):ĭebug output from the switch that does work:ĭebug1: Authenticating to 172.30.49.3:22 as 'admin'ĭebug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha1 compression: noneĭebug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha1 compression: noneĪuthentication methods:publickey,keyboard-interactive,passwordĮncryption Algorithms:aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc Minimum expected Diffie Hellman key size : 4096 bits
#Key exchange failed securecrt software
This is the debug output from ssh on the switch that doesn't work:ĭebug1: Local version string SSH-2.0-OpenSSH_7.8ĭebug1: Remote protocol version 2.0, remote software version Cisco-1.25ĭebug1: match: Cisco-1.25 pat Cisco-1.* compat 0圆0000000ĭebug1: Authenticating to 172.20.13.1:22 as 'admin'ĭebug1: kex: algorithm: diffie-hellman-group14-sha1Īuthentication timeout: 120 secs Authentication retries: 3 Sep 3 13:20:52.805: %SSH-3-NO_MATCH: No matching cipher found: client server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbcĬrypto key generate rsa general-keys modulus 4096 Unable to negotiate with 172.20.13.1 port 22: no matching cipher found. and any ideas? I am out of clue to be honest, and don't know what to do next. It seems that the switch doesn't send matching ciphers though the ssh config on both switches are identical. So I have this 3750 stack switch which uses telnet to login to and today I wanted to change it to use ssh, but I can't login.
0 kommentar(er)
