12-19-2018 11:36 AM - edited 03-03-2019 08:58 AM
Hi there!
I got these logs on cisco WS-C6506-E --aggregation device (s72033_rp-ADVENTERPRISEK9-M), Version 15.1(2)SY8, RELEASE SOFTWARE (fc5)--. Can someone help me know what's wrong?
Dec 17 18:59:21: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ssh-dss server ssh-rsa
Dec 17 18:59:21: %SSH-3-DH_SIZE: DH public key size > DH group key size(128)
Dec 17 18:59:21: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ecdsa-sha2-nistp256 server ssh-rsa
Dec 17 18:59:22: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ssh-dss server ssh-rsa
Dec 17 18:59:22: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ecdsa-sha2-nistp384 server ssh-rsa
Dec 17 18:59:22: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ecdsa-sha2-nistp521 server ssh-rsa
Dec 17 18:59:22: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ssh-ed25519 server ssh-rsa
Dec 17 18:59:22: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection
Dec 17 18:59:22: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ecdsa-sha2-nistp256 server ssh-rsa
Dec 17 18:59:23: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ecdsa-sha2-nistp384 server ssh-rsa
Dec 17 18:59:23: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ecdsa-sha2-nistp521 server ssh-rsa
Dec 17 18:59:23: %SSH-3-NO_MATCH: No matching hostkey algorithm found: client ssh-ed25519 server ssh-rsa
12-21-2018 11:35 AM
Hello,
both ecdsa and ed25519 are relatively new encryption standards which are probably not supported by the 6509 (which is a very old switch). Hence the warnings...
ecdsa is a Digital Signature Algorithm standarized by the US government, using elliptic curves. Don't ask me what elliptic curves are, but if the government uses it, it is probably a very high encryption level.
ed25519 is is a new algorithm added in OpenSSH. Support for it in clients is not yet universal. Thus its use in general purpose applications may not yet be advisable.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide