cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
515
Views
0
Helpful
1
Replies

Can't SSH to a Switch

PiEich00
Level 1
Level 1

Hi everyone!

I generated a 2048 key on a WS-C3560X-24P switch, but I can't SSH to it.

A sh ip ssh shows way less information than in the other switches that I have:

 

SSH Enabled - version 1.99
Authentication timeout: 120 secs; Authentication retries: 3

 

And when I debug SSH, this is what I get:

 

000212: Nov 25 16:09:38.767: SSH0: starting SSH control process
000213: Nov 25 16:09:38.767: SSH0: sent protocol version id SSH-1.99-Cisco-1.25
000214: Nov 25 16:09:38.767: SSH0: protocol version id is - SSH-1.99-Cisco-1.25
000215: Nov 25 16:09:38.767: SSH2 0: send: len 280 (includes padlen 4)
000216: Nov 25 16:09:38.767: SSH2 0: SSH2_MSG_KEXINIT sent
000217: Nov 25 16:09:38.776: SSH2 0: ssh_receive: 344 bytes received
000218: Nov 25 16:09:38.776: SSH2 0: input: packet len 344
000219: Nov 25 16:09:38.776: SSH2 0: partial packet 8, need 336, maclen 0
000220: Nov 25 16:09:38.776: SSH2 0: input: padlen 8
000221: Nov 25 16:09:38.776: SSH2 0: received packet type 20
000222: Nov 25 16:09:38.776: SSH2 0: SSH2_MSG_KEXINIT received
000223: Nov 25 16:09:38.776: SSH2: kex: client->server aes128-cbc hmac-sha1 none
000224: Nov 25 16:09:38.776: SSH2: kex: server->client aes128-cbc hmac-sha1 none
000225: Nov 25 16:09:38.776: SSH2 0: kex algo not supported: client diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1, server diffie-hellman-gr
000226: Nov 25 16:09:38.885: SSH0: Session disconnected - error 0x07

 

So everything seems to match, but the DG group.... But do you know where do I change that?

I mean, I just want a regular SSH connection... Standard, no options changed.

 

Thanks in advance!

1 Reply 1

Hello

try:
conf t
crypto key zeroize
crypto key generate rsa label xxx general-keys modulus xxx
ip ssh version 2


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco