[rancid] As one door closes, another opens... ssh failing with (some) Cisco devices after OS upgrade?
nick at foobar.org
Sun May 17 12:58:56 UTC 2015
On 16/05/2015 22:31, Alex DEKKER wrote:
> On 16/05/15 11:08, Howard Jones wrote:
>> Evidently those specific devices don't meet some minimum standard that
>> the openssh folks enforce.
> There is an option you can pass to SSH ['-o
> KexAlgorithms=diffie-hellman-group14-sha1'] to allow it to connect to older
> versions of IOS. The error emitted by SSH isn't much help at all.
or on ios config:
ip ssh dh min size 4096
This doesn't work on all IOS images but if it works, it's a useful
workaround where upgrading is a problem.
More information about the Rancid-discuss