06-04-2018 07:44 PM - edited 03-01-2019 06:37 PM
When I tried to connect ASR 9000 router using SSH, I got the following ssh debug logs.
~$ ssh -v username@xxx.xxx.xxx.xxx OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx] port 22. debug1: Connection established. debug1: key_load_public: No such file or directory debug1: identity file /home/mobigen/.ssh/id_rsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/mobigen/.ssh/id_rsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/mobigen/.ssh/id_dsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/mobigen/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/mobigen/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/mobigen/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/mobigen/.ssh/id_ed25519 type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/mobigen/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4 debug1: Remote protocol version 2.0, remote software version Cisco-2.0 debug1: no match: Cisco-2.0 debug1: Authenticating to xxx.xxx.xxx.xxx:22 as 'username' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: ecdh-sha2-nistp256 debug1: kex: host key algorithm: (no match) Unable to negotiate with xxx.xxx.xxx.xxx port 22: no matching host key type found. Their offer: ~$
It is strange that I don't get any offered key type.
Once I had another case that it displayed like "Their offer: ssh-dss", which I could succeed logging in by giving additional option "-oHostKeyAlgorithms=+ssh-dss" in ssh command. However this one is a bit different. Is it because of some CLI configuration missing in the router?