Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
425
Views
2
Helpful
5
Replies

Conecting via SSH ubuntu to Cisco IOS, XE

Go to solution
f4cruz
Level 1
Level 1

‎09-03-2024 01:46 PM

I'm try to connect via ssh from my server ububtu to 2 routers:

R1 - CiscoIOS , R2 -IOS-XE

I edited the  /etc/ssh/ssh_config file and add:

KexAlgorithms diffie-hellman-group1-sha1 ( for IOS work very well but not for XE )

but if I add:

KexAlgorithms diffie-hellman-group14-sha1 ( for XE work very well but not for IOS )

there area any way to configure both in the /etc/ssh/ssh_config file?

thanks.

PD. this is the error for IOS-XE:

Unable to negotiate with 192.168.80.50 port 22: no matching key exchange method found. Their offer:
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions
5 Replies 5

Go to solution
Flavio Miranda
VIP
VIP

‎09-03-2024 01:58 PM

@f4cruz 

 There is a similar discussion here with a solution

https://askubuntu.com/questions/1279881/ubuntu-20-04-unable-to-ssh-to-cisco-ios

 

0 Helpful

Go to solution
Harold Ritter
Level 12
Level 12

‎09-03-2024 02:12 PM - edited ‎09-03-2024 02:37 PM

Hi @f4cruz ,

You can specify both separated by a comma as follow:

KexAlgorithms diffie-hellman-group1-sha1, diffie-hellman-group14-sha1

You can check the configured values as follow:

test@test$ ssh -Q KexAlgorithms

diffie-hellman-group1-sha1

diffie-hellman-group14-sha1

diffie-hellman-group14-sha256

diffie-hellman-group16-sha512

diffie-hellman-group18-sha512

diffie-hellman-group-exchange-sha1

diffie-hellman-group-exchange-sha256

ecdh-sha2-nistp256

ecdh-sha2-nistp384

ecdh-sha2-nistp521

curve25519-sha256

curve25519-sha256@libssh.org

sntrup4591761x25519-sha512@tinyssh.org

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Go to solution
f4cruz
Level 1
Level 1
In response to Harold Ritter

‎09-03-2024 02:36 PM - edited ‎09-03-2024 02:36 PM

Hello Harold

I got this after add this line:

ssh cisco@192.168.80.50  
/etc/ssh/ssh_config line 58: keyword kexalgorithms extra arguments at end of line
/etc/ssh/ssh_config: terminating, 1 bad configuration options

0 Helpful

Go to solution
Harold Ritter
Level 12
Level 12
In response to f4cruz

‎09-03-2024 03:00 PM

Hi @f4cruz ,

Yes, I had an extra blank in there. Glad to see you fixed it.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Go to solution
f4cruz
Level 1
Level 1

‎09-03-2024 02:45 PM

this worked for me, thank you guys.

KexAlgorithms diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card