applications:ssh:notes
Table of Contents
Applications - SSH - Notes
Connect to SuSe 8.2 from OpenSSH_9.1
SuSe 8.2 uses OpenSSH_3.5p1 which uses ciphers, Kex, and HostKey algorithms that are disabled by default in later versions of OpenSSH.
To connect anyway:
ssh -c aes128-cbc -o KexAlgorithms=diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 -o HostKeyAlgorithms=ssh-rsa,ssh-dss HOSTNAME
Connect to HP ProCurve 2810
An HP ProCurve 2810 (J9022A, software version N.11.76) uses an older version of (Open)SSH which uses ciphers, and Kex algorithms that are disabled by default in later versions of OpenSSH.
To connect anyway:
ssh -c 3des-cbc -o KexAlgorithms=diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 -o HostKeyAlgorithms=ssh-rsa manager@SWITCHNAME_OR_IP_ADDRESS
Connect to Cisco ASA 55xx from OpenSSH_9.1
ssh -o KexAlgorithms=diffie-hellman-group14-sha1 -o HostKeyAlgorithms=ssh-rsa user1@HOSTNAME
This depends on your ssh version still supporting:
- diffie-hellman-group14-sha1 key exchange. Check with:
ssh -Q kex
- ssh-rsa hostkeys. Check with:
ssh -Q key
Tested on:
- Cisco ASA 5512-X running ASA version 9.6(4)17 (asa964-17-smp-k8.bin).
- With the following settings:
ssh stricthostkeycheck ssh timeout 5 ssh version 2 ssh key-exchange group dh-group14-sha1 username user1 password BLABLABLABLA encrypted aaa authentication ssh console LOCAL
- And RSA keys generated with:
crypto key generate rsa modulus 4096
applications/ssh/notes.txt · Last modified: 2023/08/26 11:08 by bas