
I can SSH into device with putty, but not CLI Analyzer. Why?

Hello.

My credentials are the same.

I can SSH into device with putty, but not CLI Analyzer. (CLI analyzer just spins.) Why??

Thank you.


balaji.bandi
Hall of Fame

I can SSH into device with putty, but not CLI Analyzer. (CLI analyzer just spins.) Why?? 

- This you need to troubleshoot. Start with:

1. What is the device model? What IOS code is it running?

2. When you try to connect to the device using the CLI Analyzer, what logs do you see on the device?

3. Are you using PuTTY on the same device where CLI Analyzer is running?

4. Is the issue with only 1 device? Have you tested any other devices?

Some reference guides and FAQ (you can also import PuTTY saved devices into CLI Analyzer):

https://cway.cisco.com/docs/cisco-cli-analyzer/2.0/Locate_Devices.htm

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help


It would be helpful to have details about this issue: what device, what version of code, etc. But I am going to suggest that the issue might be about the version of the encryption algorithm. Many devices running newer code reject attempts to SSH using older/more simple/less secure algorithms. I am guessing that your putty is new enough to support newer/better versions but CLI Analyzer probably uses just older versions. If you want to test it, I suggest that you enable debug for SSH, attempt access with CLI Analyzer, and post the debug output.

HTH

Rick

On the same workstation, putty works, CLI-analyzer app does NOT. After failed SSH from CLI analyzer...

ISR4321-K9, Version 16.06.04

---

ISR4321-K9#sh logg

*Mar 9 20:32:45.675: %SSH-3-NO_MATCH: No matching kex algorithm found: client curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 server diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1

----

Where in CLI-analyzer can this be fixed?

Thank you

I can only think of 2 options:

Try the below (option 1):

https://cway.cisco.com/docs/cisco-cli-analyzer/3.6.8/#t=New_Features.htm

or

add the required cipher to the device.

BB


There's something basic I don't understand-- When I use a SSH such as putty or CLI-Analyzer, I expect all that happens is that it speaks SSH protocol to the remote device, and the remote device tells the local workstation what it requires (use this algorithm, this cipher, these credentials), and then the local workstation responds.

1. Is there something crucial that I'm missing here?

2. Why would Putty work but CLI not work if the essential ability is only to speak SSH (an easy technology for computers & apps)?

That's a valid question. Every program has its own built-in ciphers, for example PuTTY:

[screenshot: balajibandi_0-1678398831679.png]

In the same way, Cisco CLI Analyzer also has its ciphers somewhere (I am guessing; it has been long since I used CLI Analyzer). It was last released in 2021 and now we are in 2023; things in the security world have changed.

BB


What SSH app do you prefer? Which do you feel has the best features?

Many people use Putty and are happy with it. My favorite app is SecureCRT.

HTH

Rick

Most people use Putty; it does not have multi-tab. Putty Plus (if you are looking for multi-tab).

SecureCRT is a paid version; you can do some scripting using SecureCRT.

BB


Your understanding "if the essential ability is only to speak SSH (an easy technology for computers & apps)" is a bit incomplete. The software must not only speak SSH but it must also encrypt and decrypt messages sent and received by the software. It appears that your software does not have some of the newer encryption algorithms required by some of the newer network devices. I hope that a software upgrade, as suggested by BB, will provide a solution.

HTH

Rick
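
Added example (not written by any poster in this thread, and not Cisco's code): the `%SSH-3-NO_MATCH` line posted earlier records the key exchange names each side offered, and this Python parses it and applies the selection rule from RFC 4253 section 7.1 (simplified to the name match only) to show why nothing was chosen. `LEGACY_CLIENT` is a constructed list used purely for illustration.

```python
import re

# Log line copied verbatim from the post above (ISR4321-K9, Version 16.06.04).
LOG_LINE = (
    "*Mar 9 20:32:45.675: %SSH-3-NO_MATCH: No matching kex algorithm found: "
    "client curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,"
    "ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,"
    "diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,"
    "diffie-hellman-group14-sha256 "
    "server diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1"
)

# Matches only the message form shown in the thread.
NO_MATCH = re.compile(
    r"%SSH-3-NO_MATCH: No matching kex algorithm found: "
    r"client (?P<client>\S+) server (?P<server>\S+)"
)

def parse_no_match(line):
    """Return (client_list, server_list) in offered order, or None."""
    m = NO_MATCH.search(line)
    if m is None:
        return None
    return m["client"].split(","), m["server"].split(",")

def negotiate(client, server):
    """RFC 4253 sec. 7.1, simplified: the first name on the client's list
    that the server also lists wins; None means the handshake fails."""
    offered = set(server)
    return next((alg for alg in client if alg in offered), None)

def diagnose(line):
    parsed = parse_no_match(line)
    if parsed is None:
        return None
    client, server = parsed
    return {
        "chosen": negotiate(client, server),
        "common": [a for a in client if a in server],
        # True when every key exchange the server offers is SHA-1 based.
        "server_sha1_only": all(a.endswith("-sha1") for a in server),
    }

# Constructed client list (an assumption, not taken from any real client):
# one that still offers a SHA-1 key exchange would connect to this router.
LEGACY_CLIENT = ["curve25519-sha256", "diffie-hellman-group14-sha1"]

if __name__ == "__main__":
    print(diagnose(LOG_LINE))
    print(negotiate(LEGACY_CLIENT, parse_no_match(LOG_LINE)[1]))
```

Both sides send their full lists during the handshake, so a connection succeeds only when the two lists share at least one name; here the router offers only SHA-1 based key exchanges and the client offers none of them.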