cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
108952
Views
105
Helpful
18
Replies
asheemy
Beginner

SSH error message "No matching ciphers found"

Hello,

 

i have a new 3850 Switch and i configured ip ssh ver 2 and all ssh commands but when i access the switch using ssh i got "No matching ciphers found. Client (x.x.x.x) supported ciphers :  aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se .Server supported ciphers : aes128-ctr​".

 

"%SSH-3-DH_RANGE_FAIL: Client DH key range mismatch with minimum configured DH key on server​" log on switch

Also got " No compatible Cipher. The server supports these ciphers:aes128-ctr,aes192-ctr,aes256-ctr" message on my secureCRT

 

is there anyone face such issue.

18 REPLIES 18

Hi guys! I know that has been already solved, but I would like to add a little bit more here. Since I was trying to scp the configuration files of my network devices to and from my linux repository server using Ansible for automation purpose, I was facing the same problem with the ssh clients on some of  my network devices. Then I've changed my /etc/ssh/sshd_config on my linux server adding the line "Ciphers aes128-cbc,aes192-ctr,aes256-ctr" to match the same kind of ciphers my ssh clients have on the network devices. After that, the ssh connection and the copy scp:// command worked fine.

 

Thank you all!

Ethan and Mia
Beginner

Hi , How you solve it  ? Upgrade IOS ?

As stated in the previous replies. Otherwise ensure all your IOS's are of similar or the same vintage. Like browsers I am sure it is Cisco simply upgrading the security defaults.

LesterGaddy
Beginner

I am also facing the same issue too when tried to connect from iOS 15.6 router to cisco sg500 switch. Just should to get connect with -c aes256-cbc or add command "ip ssh client algorithm encryption aes256-cbc" in your router config for working.