cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
5220
Views
1
Helpful
2
Replies

SSH ISSUE %SSH-3-BAD_PACK_LEN: Bad packet length

Jeff Horton
Level 1
Level 1

I am trying to putty into a Catalyst 9300 running 17.10.1 IOS XE. I am getting %SSH-3-BAD_PACK_LEN: Bad packet length and connection says "Server unexpectedly closed network connection". Anyone else run into this situation with the new IOS XE

ip ssh bulk-mode 131072
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh source-interface Vlan30
ip ssh server algorithm mac hmac-sha2-512 hmac-sha2-256
ip ssh server algorithm encryption aes256-ctr aes192-ctr aes128-ctr

 SSH Enabled - version 2.0
Authentication methods:publickey,keyboard-interactive,password
Authentication Publickey Algorithms:x509v3-ssh-rsa,ssh-rsa,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,x509v3-ecdsa-sha2-nistp256,x509v3-ecdsa-sha2-nistp384,x509v3-ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512
Hostkey Algorithms:x509v3-ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-rsa
Encryption Algorithms:aes256-ctr,aes192-ctr,aes128-ctr
MAC Algorithms:hmac-sha2-512,hmac-sha2-256
KEX Algorithms:ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1
Authentication timeout: 60 secs; Authentication retries: 2
Minimum expected Diffie Hellman key size : 2048 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded): INFR-NET-SWC18l

Modulus Size : 2048 bits
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPAPX8eiW1mgTVe+7gqfdGxCTOpC1IJ1UNmYYDZknr
RQWzsglCSfp5QMxiO56kQjxb6m6Wf3izzQkj85nDS8+/CimcPnMH+KU1RqKicpFDKylY/Sw4IEUDxa8A
v2PifpRF6KuszHr1pfdSp72qhUbBOsowiKe9FFvUoaIsIvdYmN3kSLcugR0VbXz3E/E9qtgtLuYNzi4f
ffovjfx7g2KLc8MT05+n+nZke/Jk+jG1isT0BJHUQ+l0JNm72kv4CgAoP0R2f9f+OmKREX+53//7isxC
u/SQvqxcgDNGDIcTHpgnpzVU59MM7syjvVwOKG/WWXP57gYqlQmF0vTFRcwf

****NOTE****  

I did notice that the command "ip version 2" is not showing up in the running-config or startup-config.

 

1 Accepted Solution

Accepted Solutions

balaji.bandi
Hall of Fame
Hall of Fame

SSH Enabled - version 2.0  - as per this show running ssh v2

I would test below if you have console access:

1. enable telnet so you can connect device

2. ip ssh version 2 ( as you mentioned not seen in the config) and test it.

3. zero key the RSA (still issue)

make sure you download latest putty also.

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

SSH Enabled - version 2.0  - as per this show running ssh v2

I would test below if you have console access:

1. enable telnet so you can connect device

2. ip ssh version 2 ( as you mentioned not seen in the config) and test it.

3. zero key the RSA (still issue)

make sure you download latest putty also.

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Jeff Horton
Level 1
Level 1

Never even crossed my mind to check Putty.. That was the deal. I also tried the Van **bleep** SecureCRT and it worked. Thanks for the sugguestions.

Review Cisco Networking for a $25 gift card