03-17-2020 07:48 PM
Good day everyone, to meet emerging requirements I am attempting to configure in a lab PKI login, via SSH, to Cisco IOS. I am using information from various Cisco sources but most are similar to the below. Test configuration is also below and PuttyCAC is configured to use a CAPI certificate but no matter what I do IOS and Putty will only agree on ssh-rsa. I know using Radius is unusual, however it has broader support across platforms than TACACS+
Configuring SSH with x509 authentication on IOS devices
aaa group server radius WINRADIUS
server name RADIUS
aaa authentication login local_access local enable
aaa authorization config-commands
aaa authorization exec WINRADIUS group radius local
aaa authorization network WINRADIUS group radius local
aaa authorization configuration WINRADIUS group radius
crypto pki trustpoint CA
enrollment mode ra
enrollment url http://xxx.xxx.xxx.xxx:80/CertSrv/mscep/mscep.dll
usage ssl-server
usage ssl-client
serial-number
fqdn IR01.xxx
ip-address xxx.xxx.xxx.xxx
subject-name cn=IR01.xxx
subject-alt-name IR01.xxx
revocation-check ocsp
source interface Vlan11
rsakeypair PKI 4096
authorization list WINRADIUS
authorization username subjectname commonname
hash sha256
!
ip ssh maxstartups 2
ip ssh time-out 60
ip ssh source-interface Vlan11
ip ssh rsa keypair-name PKI
ip ssh logging events
ip ssh version 2
ip ssh server certificate profile
ip ssh server algorithm mac hmac-sha1
ip ssh server algorithm encryption aes256-ctr
ip ssh server algorithm hostkey x509v3-ssh-rsa
ip ssh server algorithm authentication publickey keyboard
ip ssh server algorithm publickey x509v3-ssh-rsa
ip radius source-interface Vlan11
radius server RADIUS
address ipv4 xxx.xxx.xxx.xxx auth-port 1812 acct-port 1813
key xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Anyone have any ideas please?
03-18-2020 01:04 AM - edited 03-18-2020 01:06 AM
Hi,
Looks like the configuration is incomplete, you didn't mention which certificates to be used in the authentication process:
ip ssh server certificate profile
server
trustpoint sign CA
user
trustpoint verify CA
Also, i'm not sure how SSH-RSA works, if you didn't specify it:
ip ssh server algorithm hostkey x509v3-ssh-rsa ssh-rsa
ip ssh server algorithm publickey x509v3-ssh-rsa ssh-rsa
Have you also properly configure the SSH client? http://risacher.org/putty-cac/
Regards,
Cristian Matei
03-18-2020 06:39 PM
Apologies the following is present in the config.
ip ssh server certificate profile
server
trustpoint sign CA
ocsp-response include
user
trustpoint verify CA
The goal here is to use x509v3-ssh-rsa not ssh-rsa.
Unfortunately the URL you gave is out of date. The PuttyCAC code is now on GitHub. However most documentation has not been updated for this release.
03-19-2020 01:13 PM
Hi,
I was saying that i don't understand how it negotiates ssh-rsa, since that option is not configured. Can you post the complete output of "show ip ssh" and while trying to connect, run the following debugs, and post the output here:
debug ip ssh detail
debug crypto pki transactions
debug crypto pki messages
debug crypto pki validation
Regards,
Cristian Matei.
03-19-2020 05:52 PM
Good day, sh ip ssh output is below. One issue here maybe is to get IOS to generate x509v3 SSH keys or to get them into IOS. But the procedures found so far require RSA keys to be generated on the device prior to requesting a certificate for said device.
sh ip ssh
SSH Enabled - version 2.0
Authentication methods:publickey,keyboard-interactive
Authentication Publickey Algorithms:x509v3-ssh-rsa
Hostkey Algorithms:x509v3-ssh-rsa
Encryption Algorithms:aes256-ctr
MAC Algorithms:hmac-sha1
KEX Algorithms:diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
Authentication timeout: 60 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 2048 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded): PKI
ssh-rsa
Debug output.
Mar 19 19:48:39.189 CDT: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss server x509v3-ssh-rsa
Mar 19 19:48:39.189 CDT: %SSH-5-SSH2_SESSION: SSH2 Session request from xxx.xxx.xxx.xxx (tty = 0) using crypto cipher '', hmac '' Failed
Mar 19 19:48:39.189 CDT: %SSH-5-SSH2_CLOSE: SSH2 Session from xxx.xxx.xxx.xxx (tty = 0) for user '' using crypto cipher '', hmac '' closed
Mar 19 19:48:39.161 CDT: SSH0: starting SSH control process
Mar 19 19:48:39.161 CDT: SSH0: sent protocol version id SSH-2.0-Cisco-1.25
Mar 19 19:48:39.177 CDT: SSH0: protocol version id is - SSH-2.0-PuTTY_Release_0.73_1
Mar 19 19:48:39.177 CDT: SSH2 0: kexinit sent: kex algo = diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
Mar 19 19:48:39.177 CDT: SSH2 0: kexinit sent: hostkey algo = x509v3-ssh-rsa
Mar 19 19:48:39.177 CDT: SSH2 0: kexinit sent: encryption algo = aes256-ctr
Mar 19 19:48:39.177 CDT: SSH2 0: kexinit sent: mac algo = hmac-sha1
Mar 19 19:48:39.177 CDT: SSH2 0: SSH2_MSG_KEXINIT sent
Mar 19 19:48:39.189 CDT: SSH2 0: SSH2_MSG_KEXINIT received
Mar 19 19:48:39.189 CDT: SSH2 0: kex: client->server enc:aes256-ctr mac:hmac-sha1
Mar 19 19:48:39.189 CDT: SSH2 0: kex: server->client enc:aes256-ctr mac:hmac-sha1
Mar 19 19:48:39.289 CDT: SSH0: Session disconnected - error 0x00
03-28-2020 01:20 AM - edited 03-28-2020 01:24 AM
Hi,
I would try using a different SSH client, based on the below output, as the client does not seem to support x509v3-ssh-rsa so it seems to be closing the session (or it's misconfigured):
No matching hostkey algorithm found: client ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss server x509v3-ssh-rsa
I would also try upgrading the router, just to be sure, although it doesn't look like the router being the problem. Could you also completely delete the config and do it again, including the RSA key generation? Remove this command "ip ssh rsa keypair-name PKI" and regenerate the RSA keys, use a modulus length of 2048.
Regards,
Cristian Matei.
03-31-2020 07:52 PM
So the 891W router is running 159-3.M1 which is current for the device. SSH keys and the certificate are removed from the device (it was about to expire anyway.)
What type of RSA key should be generated please? IOS offers encryption, general-keys, signature, and usage-keys.
So far have tried PuttyCAC 0.71 and TectiaSSH, am working thru CentOS OpenSSH next after this.
04-01-2020 01:39 AM
Hi,
Use "general Keys" fo 2048 bit. Identify an SSH client (like Pragma Fortress) which has support for RFC6187. The fact that an SSH client supports public-key authentication (this can be done is several ways), it doesn't mean it supports RFC6187.
Regards,
Cristian Matei.
04-01-2020 05:36 PM - edited 04-01-2020 05:38 PM
You would be correct regarding RFC6187 support in SSH. Digging around a little appears to show a "standards war" regarding the certificate format SSH should support. Wonderful. Need to think about this more now.
04-01-2020 10:53 PM
Hi,
Indeed, the RFC's are there, but implementations are rather scarce and non-consistent.
Regards,
Cristian Matei.
11-15-2024 06:26 AM
Was there ever any resolution to this? I too now have to implement this setup.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide