Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1964
Views
0
Helpful
2
Replies

ssh from cisco router to cisco ASA 5506 version 9.14(2)15

Go to solution
faruk.zaimovic
Level 1
Level 1

‎06-16-2021 12:53 PM - edited ‎06-16-2021 01:02 PM

Hello, 

 

I made an upgrade cisco ASA 5506-X to  version 9.14(2)15 and now I have problem making ssh connection from the Cisco router to Cisco  5506-X.

ssh -l xxxx 10.10.10.1
[Connection to 10.10.10.1 aborted: error status 0]

 

 

debuh ssh on cisco ASA 5506-x.

debug ssh
debug ssh enabled at level 1
ASA5506-X# Device ssh opened successfully.
SSH2: SSH client: IP = '10.10.10.2' interface # = 9
SSH: host key initialised
SSH2: starting SSH control process
SSH2: Exchanging versions - SSH-2.0-Cisco-1.25

SSH2: send SSH message: outdata is NULL

server version string:SSH-2.0-Cisco-1.25
SSH2: receive SSH message: 83 (83)
SSH2: client version is - SSH-2.0-Cisco-1.25

client version string:SSH-2.0-Cisco-1.25

SSH2 2: SSH2_MSG_KEXINIT sent
SSH2 2: SSH2_MSG_KEXINIT received
SSH2 0: no matching mac found: client hmac-sha1,hmac-sha1-96 server hmac-sha2-256
SSH2 2: ssh: kex_choose_conf error
SSH2 0: key exchange failed to completeSSH2: Session disconnected by SSH server - error 0x00 "Internal error"
Device ssh opened successfully.
SSH2: SSH client: IP = '10.10.10.2' interface # = 9
SSH: host key initialised
SSH2: starting SSH control process
SSH2: Exchanging versions - SSH-2.0-Cisco-1.25

SSH2: send SSH message: outdata is NULL

server version string:SSH-2.0-Cisco-1.25
SSH2: receive SSH message: 83 (83)
SSH2: client version is - SSH-2.0-Cisco-1.25

client version string:SSH-2.0-Cisco-1.25

SSH2 2: SSH2_MSG_KEXINIT sent
SSH2 2: SSH2_MSG_KEXINIT received
SSH2 0: no matching mac found: client hmac-sha1,hmac-sha1-96 server hmac-sha2-256
SSH2 2: ssh: kex_choose_conf error
SSH2 0: key exchange failed to completeSSH2: Session disconnected by SSH server - error 0x00 "Internal error"

 

Does anybody have an idea how to solve it?.

Thank you very much. 

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎06-16-2021 01:03 PM 

SSH2 0: key exchange failed to completeSSH2: Session disconnected by SSH server - error 0x00 "Internal error"

Try to re-generate Crypto key :

 

crypto key generate rsa general-keys modulus XXXX

Also, make sure your Router Supports new Keys?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

0 Helpful
2 Replies 2

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎06-16-2021 01:03 PM 

SSH2 0: key exchange failed to completeSSH2: Session disconnected by SSH server - error 0x00 "Internal error"

Try to re-generate Crypto key :

 

crypto key generate rsa general-keys modulus XXXX

Also, make sure your Router Supports new Keys?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
faruk.zaimovic
Level 1
Level 1
In response to balaji.bandi

‎06-16-2021 10:55 PM - edited ‎06-16-2021 11:42 PM

Thank you. 

Problem was with cipher integrity custom on Cisco ASA, Router didn't support newer key. 

I solved it.

 

 

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card