09-07-2020 10:09 AM
Hi,
I'm trying to SSH from a Cat9K switch to a Firepower FTD.
From the client I get this output:
Switch#ssh -l admin X.X.X.X
[Connection to X.X.X.X aborted: error status 0]
I can ping it and I can telnet to port 22.
Debugging on the client switch shows this:
076735: Sep 7 2020 16:59:32.047 UTC: %SSH-3-NO_MATCH: No matching kex algorithm found: client diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1 server curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256
Or to format it a little nicer:
-------------------------------
076735: Sep 7 2020 16:59:32.047 UTC: %SSH-3-NO_MATCH: No matching kex algorithm found:
client
diffie-hellman-group-exchange-sha1
diffie-hellman-group14-sha1
server
curve25519-sha256@libssh.org
ecdh-sha2-nistp521
ecdh-sha2-nistp384
ecdh-sha2-nistp256
-------------------------------
I don't have control of the FTD to make changes.
And I don't appear to be able to add any other algorithms to the client:
Switch(config)#ip ssh client algorithm kex ?
diffie-hellman-group-exchange-sha1 DH_GRPX_SHA1 diffie-hellman key exchange algorithm
diffie-hellman-group14-sha1 DH_GRP14_SHA1 diffie-hellman key exchange algorithm
Switch(config)#
Any ideas?
Thanks in advance,
Matt.
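
An added example, not part of the original post: a small Python parser for the `%SSH-3-NO_MATCH` debug line quoted above. It applies the basic SSH selection rule (the first name on the client's list that the server also offers, a simplification of RFC 4253 section 7.1) to show that the two lists share no key-exchange algorithm. The function names and the family labels are assumptions made for this illustration.

```python
import re

# Debug line copied from the post above.
LOG_LINE = (
    "076735: Sep 7 2020 16:59:32.047 UTC: %SSH-3-NO_MATCH: No matching kex "
    "algorithm found: client diffie-hellman-group-exchange-sha1,"
    "diffie-hellman-group14-sha1 server curve25519-sha256@libssh.org,"
    "ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256"
)

NO_MATCH_RE = re.compile(
    r"%SSH-3-NO_MATCH: No matching (?P<kind>\S+) algorithm found: "
    r"client (?P<client>\S+) server (?P<server>\S+)"
)

def parse_no_match(line):
    """Return the algorithm kind and both name-lists, or None if no match."""
    m = NO_MATCH_RE.search(line)
    if m is None:
        return None
    return {"kind": m.group("kind"),
            "client": m.group("client").split(","),
            "server": m.group("server").split(",")}

def negotiate(client, server):
    """First client-preferred name that the server also offers, else None."""
    offered = set(server)
    return next((alg for alg in client if alg in offered), None)

def family(name):
    """Coarse grouping by name prefix (labels are this example's own)."""
    if name.startswith("diffie-hellman-"):
        return "finite-field DH"
    if name.startswith(("ecdh-sha2-", "curve25519-")):
        return "elliptic-curve DH"
    return "other"

def explain(line):
    """Parse the line and add the negotiation result and per-side families."""
    parsed = parse_no_match(line)
    if parsed is None:
        return None
    parsed["chosen"] = negotiate(parsed["client"], parsed["server"])
    for side in ("client", "server"):
        parsed[side + "_families"] = sorted({family(a) for a in parsed[side]})
    return parsed

if __name__ == "__main__":
    for key, value in explain(LOG_LINE).items():
        print(f"{key}: {value}")
```

On the line from the post, `chosen` is `None`: the client side lists only finite-field Diffie-Hellman names and the server side only elliptic-curve ones, so the connection is aborted before authentication starts.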