Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9390
Views
5
Helpful
2
Replies

can't ssh it show "[Connection to [IP ADDRESS] aborted: error status 0]" after upgrade switch firmware

Ethan and Mia
Level 1
Level 1

‎01-22-2021 11:00 AM - edited ‎01-22-2021 01:50 PM

Hi all

 

After upgrade ios to ver 17.x    when ssh to other machine it show ""[Connection to [IP ADDRESS] aborted: error status 0]""    

I double check the ssh verion between 2 switchs are same (1.99) please see when show  "ip ssh"

 

I try remove key then create again butt no work 

 


SW01#sh ip ssh
SSH Enabled - version 1.99
Authentication methods:publickey,keyboard-interactive,password
Authentication Publickey Algorithms:x509v3-ssh-rsa,ssh-rsa,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,x509v3-ecdsa-sha2-nistp256,x509v3-ecdsa-sha2-nistp384,x509v3-ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512
Hostkey Algorithms:x509v3-ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-rsa
Encryption Algorithms:aes128-gcm,aes256-gcm,aes128-ctr,aes192-ctr,aes256-ctr
MAC Algorithms:hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512
KEX Algorithms:ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 2048 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded): SW01
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDCGTsnQPXnfXQBFdnTXzsPGh7X/UfOozYKLBXW3vVb
JI1cbV+aNVSHv8QFiZ4r7vZHT+bWW8xT+iskwiBBpHgKLmy1UDZ/6os4GqSgG6u1A6mLd4qp6sMfdxFq
jikpzyxvxs1RXWnQRouvqcCAvkj3nez2rb20NicPj3pwPntGzQ==

 

 

SW02#sh ip ssh
SSH Enabled - version 1.99
Authentication methods:publickey,keyboard-interactive,password
Authentication Publickey Algorithms:x509v3-ssh-rsa,ssh-rsa
Hostkey Algorithms:x509v3-ssh-rsa,ssh-rsa
Encryption Algorithms:aes128-ctr,aes192-ctr,aes256-ctr
MAC Algorithms:hmac-sha1,hmac-sha1-96
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded): SW01
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC/zxiWqkjFmgvmI4tllQCohKySU+qwSiCC9ic6BfS/
ntx3oSY3en3yXO5on6FBc/QstEoP4FhkstjPdw4LJFyHLTfj2Ftr8WRxKTzD+iuVY/DzeaNHCTMTXOED
xmEj9RvxuVpp2aytZWDl9uhruPipilDya6F1l/DTNo3DkgvcuQ==

 

when SSH to other device
No matching mac found: client hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512 server hmac-sha1,hmac-sha1-96

 

thanks in advance

 

 

2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎01-22-2021 11:20 AM - edited ‎01-22-2021 11:21 AM

Look at the release notes for the 17.X  SSH requirement,

 

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_ssh/configuration/xe-17/sec-usr-ssh-xe-17-book/sec-rev-ssh-enhanmt.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Ethan and Mia
Level 1
Level 1
In response to balaji.bandi

‎01-22-2021 11:41 AM

sorry I am too newbie

 

Before upgrade ios , 

I configuration SSH as simple

after upgrade I can't continuous to next machine by SSH

Butt still direct connect to switch is ok 

 

domain name

hostname

cryto kengen rsa 1024

 

 

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card