This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Cant SSH2 to Extreme switches via Ubuntu

Cant SSH2 to Extreme switches via Ubuntu

Marvell_Kay
New Contributor II

‎12-28-2017 06:43 PM

We recently enable SSH2 in our environment. I am able to SSH to Cisco switches without any issue but can not to any Extreme switch. I can login to them fine via teraterm/secureCRT but not via Ubuntu.

I have a Ubuntu 14.04 machine. Here is what I am getting:

ssh admin@extreme_switch.com
ssh_exchange_identification: read: Connection reset by peer

With -v for more info:

ssh -v admin@extreme_switch.com
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to extreme_switch.com [10.10.0.99] port 22.
debug1: Connection established.
debug1: identity file /home/admin1/.ssh/id_rsa type -1
debug1: identity file /home/admin1/.ssh/id_rsa-cert type -1
debug1: identity file /home/admin1/.ssh/id_dsa type -1
debug1: identity file /home/admin1/.ssh/id_dsa-cert type -1
debug1: identity file /home/admin1/.ssh/id_ecdsa type -1
debug1: identity file /home/admin1/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/admin1/.ssh/id_ed25519 type -1
debug1: identity file /home/admin1/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
ssh_exchange_identification: read: Connection reset by peer

Any idea why I can not login to Extremes?

Thanks
Zohaib

0 Kudos
18 REPLIES 18

Stephane_Grosj1
Extreme Employee
In response to Frank

‎12-29-2017 09:39 AM

Are you using openssh from ubuntu?

Your issue (with 15.7 EXOS version) is definitely related to the upgrade of openssh, and the legacy keys being disabled by default. The link from Frank is the solution.

For 22.x code, this is not necessary. I see you have a debug EXOS release. Why?
0 Kudos

Marvell_Kay
New Contributor II
In response to Frank

‎12-29-2017 09:39 AM

I am getting this:

Unsupported KEX algorithm "+diffie-hellman-group1-sha1"
command-line line 0: Bad SSH2 KexAlgorithms '+diffie-hellman-group1-sha1'.
0 Kudos

Bernhard_Gruenw
New Contributor

‎12-29-2017 08:36 AM

Hi,
after Ubuntu Update to 17.x I can't ssh to Extreme Switches (formerly Enterasys).
This helps for me:

ssh -o KexAlgorithms=+diffie-hellman-group1-sha1 admin@

or this options to an X450:

ssh -o HostKeyAlgorithms=+ssh-dss admin@

Regards,
Bernhard
0 Kudos

davidj_cogliane
Contributor

‎12-28-2017 07:28 PM

{Run update} should only be needed if the stack has not been booted since the code was loaded.

Also, to clarify if your switches are stacked, you only need to enable ssh on the master.
0 Kudos

Andrew_Imam
Extreme Employee

‎12-28-2017 07:11 PM

Hi Zohaib,

For EXOS 15.7.2.9 you need to run the following commands to activate SSH on each switch:
- run update
- enable ssh2 vr all

For EXOS 22.2.1.5-P1-4 you need to run the following commands to activate SSH on each switch:
- enable ssh2 vr all

You can then run the "show management" command, check under the "SSH" heading that SSH is enabled and the key is valid.

Please let us know if you have any other questions.
Thank you.

Best regards,
Andrew
0 Kudos
GTM-P2G8KFN