Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
38802
Views
10
Helpful
9
Replies

Open SSH

Go to solution
moman62
Level 1
Level 1

‎09-25-2019 09:20 PM

Hello,

I wanted to know if I'm using Linux, could I access a cisco appliance (router, switch) using Open SSH?

2 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to moman62

‎09-26-2019 03:09 PM

OK, try:

 

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c aes128-cbc -l <username> 10.10.10.5

View solution in original post

0 Helpful
9 Replies 9

Go to solution
johnd2310
Level 8
Level 8

‎09-25-2019 09:48 PM

Hi,

yes, you can use the open ssh client in Linux to access your Cisco devices.

 

Thanks

John

**Please rate posts you find helpful**
0 Helpful

Go to solution
moman62
Level 1
Level 1
In response to johnd2310

‎09-25-2019 09:55 PM

Do you use it like putty or secure crt? by just using the IP Address? or is it a different sign-on?

0 Helpful

Go to solution
johnd2310
Level 8
Level 8
In response to moman62

‎09-25-2019 10:14 PM

Hi,

Once you install the openssh-client, you go to a terminal and run ssh user@x.x.x.x to connect to you device.

 

Thanks

John

**Please rate posts you find helpful**
0 Helpful

Go to solution
moman62
Level 1
Level 1
In response to johnd2310

‎09-25-2019 11:11 PM

I get this error message:

 

Unable to negotiate with 10.10.22.5 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to moman62

‎09-25-2019 11:26 PM - edited ‎09-25-2019 11:26 PM

Hi there,

As a sanity check confirm that the cipher is not in the configured allowed list:

 

ssh -Q cipher

 

To explicitly use the cipher, try the following:

 

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -l <username> <ip_address>

 

cheers,

Seb.

Go to solution
johnd2310
Level 8
Level 8
In response to moman62

‎09-25-2019 11:41 PM

Hi,

Your cisco device is using weak ciphers. You should try and upgrade the code on your Cisco device.Try connecting to the device using the following command:

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 user@10.10.22.5

 

Thanks

John

 

 

**Please rate posts you find helpful**

Go to solution
moman62
Level 1
Level 1
In response to johnd2310

‎09-26-2019 09:31 AM

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 @Username@10.10.10.5

 

Unable to negotiate with 192.168.1.61 port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc

 

Results From ssh -Q cipher:

3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com

0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to moman62

‎09-26-2019 03:09 PM

OK, try:

 

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c aes128-cbc -l <username> 10.10.10.5

0 Helpful

Go to solution
moman62
Level 1
Level 1
In response to Seb Rupik

‎09-26-2019 04:55 PM

Thank you! the solution worked for me!

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card