SSHv2 Bug on C2911

Julien NELKIN
Level 1

Hi,

In the beginning, our client network was composed of a lot of C2811 Cisco routers.

We used a Plink command (with PuTTY) from our management console to connect to the C2811s and launch some CLI commands.

The plink SSHv2 command was:

plink -ssh -use_vintela_gui_w_pwd -pw logingenerique login@XXX.XXX.XXX.XXX

All works very well.

But we just deployed a new version of Cisco router, the C2911.

Now, our Plink command doesn't work.

When we launch the SSHv2 Plink command, we get a pop-up "incoming packet was garbled", as you can see in the attached file.

We tried changing some PuTTY options, but the result is the same and the command doesn't work on the C2911.

If we use an SSHv1 option, the plink command works on the C2911, but not with SSHv2.

Is there a big change between the 2811 and 2911 in SSHv2 interpretation?

Can you help me?

Best regards,

Julien


Martin Ermel
VIP Alumni

just a quick thought when reading over the thread:

what version of putty are you using?

if you use a 0.5x version, try to do the same with PuTTY version 0.6x. I had some issues with PuTTY 0.58 (if I remember well) and ssh also...

Hi,

yes, we use the 0.6 Putty version.

the problem is due to the router evolution from C2811 to C2911.

something is different

Hi

What is the output of plink -ssh ?

Are all your 2911s running the same IOS?

Do they all have the same problem?

Does a regular SSH session complete?

A short Google search yielded:

A.6.18 Since my SSH server was upgraded to OpenSSH 3.1p1/3.4p1, I can no longer connect with PuTTY.

There is a known problem when OpenSSH has been built against an incorrect version of OpenSSL; the quick workaround is to configure PuTTY to use SSH protocol 2 and the Blowfish cipher.

For more details and OpenSSH patches, see bug 138 in the OpenSSH BTS.

This is not a PuTTY-specific problem; if you try to connect with another client you'll likely have similar problems. (Although PuTTY's default cipher differs from many other clients.)

OpenSSH 3.1p1: configurations known to be broken (and symptoms):

  • SSH 2 with AES cipher (PuTTY says "Assertion failed! Expression: (len & 15) == 0" in sshaes.c, or "Out of memory", or crashes)
  • SSH 2 with 3DES (PuTTY says "Incorrect MAC received on packet")
  • SSH 1 with Blowfish (PuTTY says "Incorrect CRC received on packet")
  • SSH 1 with 3DES

OpenSSH 3.4p1: as of 3.4p1, only the problem with SSH 1 and Blowfish remains. Rebuild your server, apply the patch linked to from bug 138 above, or use another cipher (e.g., 3DES) instead.

Other versions: we occasionally get reports of the same symptom and workarounds with older versions of OpenSSH, although it's not clear the underlying cause is the same.

Hi,

The output of plink is:

"FATAL ERROR: Incoming packet was garbled on decryption"

I have only two 2911 with the same IOS.

Other routers are 2811 routers and all is ok with 2811

Yes, the problem appears only on 2911

I can make an SSHv2 connection manually with PuTTY, but not by using a plink automatic connection.

About the bug you described:

yes, we tried to configure SSH protocol 2 and the Blowfish cipher.

but the result is not good.

the bug you described is about a server problem.

but my server is the cisco 2911 and my client is plink.

so i can't apply any patches to ssh server cisco 2911

for the moment, only sshv2 is working

Hi,

Since you can make an SSHv2 connection manually, the only suggestion I have is that you need to update plink, as PuTTY is working for you.

However, to pursue a device side issue:

Try browsing http://cisco.com/go/fn and search by feature.

Related documentation:

Secure Shell Version 2 Support

http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_secure_shell_v2.html

Network Configuration Protocol

http://www.cisco.com/en/US/docs/ios/ios_xe/netmgmt/configuration/guide/nm_cns_netconf_xe.html

Hi,

We don't want to use SSHv2 manually. All actions need to be done automatically with plink.

I already checked the features ... but found no solution ...
