i have a new 3850 Switch and i configured ip ssh ver 2 and all ssh commands but when i access the switch using ssh i got "No matching ciphers found. Client (x.x.x.x) supported ciphers : aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,email@example.com .Server supported ciphers : aes128-ctr".
"%SSH-3-DH_RANGE_FAIL: Client DH key range mismatch with minimum configured DH key on server" log on switch
Also got " No compatible Cipher. The server supports these ciphers:aes128-ctr,aes192-ctr,aes256-ctr" message on my secureCRT
is there anyone face such issue.
Solved! Go to Solution.
Hi guys! I know that has been already solved, but I would like to add a little bit more here. Since I was trying to scp the configuration files of my network devices to and from my linux repository server using Ansible for automation purpose, I was facing the same problem with the ssh clients on some of my network devices. Then I've changed my /etc/ssh/sshd_config on my linux server adding the line "Ciphers aes128-cbc,aes192-ctr,aes256-ctr" to match the same kind of ciphers my ssh clients have on the network devices. After that, the ssh connection and the copy scp:// command worked fine.
Thank you all!
As stated in the previous replies. Otherwise ensure all your IOS's are of similar or the same vintage. Like browsers I am sure it is Cisco simply upgrading the security defaults.
I am also facing the same issue too when tried to connect from iOS 15.6 router to cisco sg500 switch. Just should to get connect with -c aes256-cbc or add command "ip ssh client algorithm encryption aes256-cbc" in your router config for working.