06-06-2019 05:41 AM
Hello,
i have a new 3650 Switch and when i using ssh i got "%SSH: CBC Ciphers got moved out of default config. Please configure ciphers as required(to match peer ciphers)
[Connection to 10.1.33.3 aborted: error status 0]".
is there anyone face such issue?
Solved! Go to Solution.
06-06-2019 05:45 AM - edited 06-06-2019 05:46 AM
@ruslan932 hello,
try run it: sw(config): crypto key generate rsa modulus 2048 and test again.
06-06-2019 06:46 AM
Hi!
Command(only) crypto key generate rsa modulus 2048 is not enough.
Solution: using also this command:
Switch(config)#ip ssh client algorithm encryption ?
3des-cbc Three-key 3DES in CBC mode
aes128-cbc AES with 128-bit key in CBC mode
aes128-ctr AES with 128-bit key in CTR mode
aes192-cbc AES with 192-bit key in CBC mode
aes192-ctr AES with 192-bit key in CTR mode
aes256-cbc AES with 256-bit key in CBC mode
aes256-ctr AES with 256-bit key in CTR mode
Thanks for your attention!
06-06-2019 05:45 AM - edited 06-06-2019 05:46 AM
@ruslan932 hello,
try run it: sw(config): crypto key generate rsa modulus 2048 and test again.
06-06-2019 06:46 AM
Hi!
Command(only) crypto key generate rsa modulus 2048 is not enough.
Solution: using also this command:
Switch(config)#ip ssh client algorithm encryption ?
3des-cbc Three-key 3DES in CBC mode
aes128-cbc AES with 128-bit key in CBC mode
aes128-ctr AES with 128-bit key in CTR mode
aes192-cbc AES with 192-bit key in CBC mode
aes192-ctr AES with 192-bit key in CTR mode
aes256-cbc AES with 256-bit key in CBC mode
aes256-ctr AES with 256-bit key in CTR mode
Thanks for your attention!
08-14-2020 08:16 AM
01-18-2021 01:46 AM
I've got this problem after upgrade router 2951/K9 from 15.1(4)M1 to 15.7(3)M7.
I've fixed the problem as described upper by the command :
ip ssh client algorithm encryption aes128-cbc aes128-ctr aes192-cbc aes192-ctr aes256-cbc aes256-ctr
@ruslan932 , thank you!!!
06-24-2020 09:57 PM - edited 06-24-2020 09:58 PM
getting below error while taking ssh session- device (Cisco 3650)
%SSH: CBC Ciphers got moved out of default config. Please configure ciphers as required(to match peer ciphers)
[Connection to 10.139.xx.xx aborted: error status 0]
Issued below command, but still getting same error
( config)#crypto key generate rsa modulus 2048
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide