06-16-2021 12:53 PM - edited 06-16-2021 01:02 PM
Hello,
I made an upgrade cisco ASA 5506-X to version 9.14(2)15 and now I have problem making ssh connection from the Cisco router to Cisco 5506-X.
ssh -l xxxx 10.10.10.1
[Connection to 10.10.10.1 aborted: error status 0]
debuh ssh on cisco ASA 5506-x.
debug ssh
debug ssh enabled at level 1
ASA5506-X# Device ssh opened successfully.
SSH2: SSH client: IP = '10.10.10.2' interface # = 9
SSH: host key initialised
SSH2: starting SSH control process
SSH2: Exchanging versions - SSH-2.0-Cisco-1.25
SSH2: send SSH message: outdata is NULL
server version string:SSH-2.0-Cisco-1.25
SSH2: receive SSH message: 83 (83)
SSH2: client version is - SSH-2.0-Cisco-1.25
client version string:SSH-2.0-Cisco-1.25
SSH2 2: SSH2_MSG_KEXINIT sent
SSH2 2: SSH2_MSG_KEXINIT received
SSH2 0: no matching mac found: client hmac-sha1,hmac-sha1-96 server hmac-sha2-256
SSH2 2: ssh: kex_choose_conf error
SSH2 0: key exchange failed to completeSSH2: Session disconnected by SSH server - error 0x00 "Internal error"
Device ssh opened successfully.
SSH2: SSH client: IP = '10.10.10.2' interface # = 9
SSH: host key initialised
SSH2: starting SSH control process
SSH2: Exchanging versions - SSH-2.0-Cisco-1.25
SSH2: send SSH message: outdata is NULL
server version string:SSH-2.0-Cisco-1.25
SSH2: receive SSH message: 83 (83)
SSH2: client version is - SSH-2.0-Cisco-1.25
client version string:SSH-2.0-Cisco-1.25
SSH2 2: SSH2_MSG_KEXINIT sent
SSH2 2: SSH2_MSG_KEXINIT received
SSH2 0: no matching mac found: client hmac-sha1,hmac-sha1-96 server hmac-sha2-256
SSH2 2: ssh: kex_choose_conf error
SSH2 0: key exchange failed to completeSSH2: Session disconnected by SSH server - error 0x00 "Internal error"
Does anybody have an idea how to solve it?.
Thank you very much.
Solved! Go to Solution.
06-16-2021 01:03 PM
SSH2 0: key exchange failed to completeSSH2: Session disconnected by SSH server - error 0x00 "Internal error"
Try to re-generate Crypto key :
crypto key generate rsa general-keys modulus XXXX
Also, make sure your Router Supports new Keys?
06-16-2021 01:03 PM
SSH2 0: key exchange failed to completeSSH2: Session disconnected by SSH server - error 0x00 "Internal error"
Try to re-generate Crypto key :
crypto key generate rsa general-keys modulus XXXX
Also, make sure your Router Supports new Keys?
06-16-2021 10:55 PM - edited 06-16-2021 11:42 PM
Thank you.
Problem was with cipher integrity custom on Cisco ASA, Router didn't support newer key.
I solved it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide