Cant SSH2 to Extreme switches via Ubuntu
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-28-2017 06:43 PM
We recently enable SSH2 in our environment. I am able to SSH to Cisco switches without any issue but can not to any Extreme switch. I can login to them fine via teraterm/secureCRT but not via Ubuntu.
I have a Ubuntu 14.04 machine. Here is what I am getting:
ssh admin@extreme_switch.com
ssh_exchange_identification: read: Connection reset by peer
With -v for more info:
ssh -v admin@extreme_switch.com
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to extreme_switch.com [10.10.0.99] port 22.
debug1: Connection established.
debug1: identity file /home/admin1/.ssh/id_rsa type -1
debug1: identity file /home/admin1/.ssh/id_rsa-cert type -1
debug1: identity file /home/admin1/.ssh/id_dsa type -1
debug1: identity file /home/admin1/.ssh/id_dsa-cert type -1
debug1: identity file /home/admin1/.ssh/id_ecdsa type -1
debug1: identity file /home/admin1/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/admin1/.ssh/id_ed25519 type -1
debug1: identity file /home/admin1/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
ssh_exchange_identification: read: Connection reset by peer
Any idea why I can not login to Extremes?
Thanks
Zohaib
I have a Ubuntu 14.04 machine. Here is what I am getting:
ssh admin@extreme_switch.com
ssh_exchange_identification: read: Connection reset by peer
With -v for more info:
ssh -v admin@extreme_switch.com
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to extreme_switch.com [10.10.0.99] port 22.
debug1: Connection established.
debug1: identity file /home/admin1/.ssh/id_rsa type -1
debug1: identity file /home/admin1/.ssh/id_rsa-cert type -1
debug1: identity file /home/admin1/.ssh/id_dsa type -1
debug1: identity file /home/admin1/.ssh/id_dsa-cert type -1
debug1: identity file /home/admin1/.ssh/id_ecdsa type -1
debug1: identity file /home/admin1/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/admin1/.ssh/id_ed25519 type -1
debug1: identity file /home/admin1/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
ssh_exchange_identification: read: Connection reset by peer
Any idea why I can not login to Extremes?
Thanks
Zohaib
18 REPLIES 18
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-29-2017 09:39 AM
Are you using openssh from ubuntu?
Your issue (with 15.7 EXOS version) is definitely related to the upgrade of openssh, and the legacy keys being disabled by default. The link from Frank is the solution.
For 22.x code, this is not necessary. I see you have a debug EXOS release. Why?
Your issue (with 15.7 EXOS version) is definitely related to the upgrade of openssh, and the legacy keys being disabled by default. The link from Frank is the solution.
For 22.x code, this is not necessary. I see you have a debug EXOS release. Why?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-29-2017 09:39 AM
I am getting this:
Unsupported KEX algorithm "+diffie-hellman-group1-sha1"
command-line line 0: Bad SSH2 KexAlgorithms '+diffie-hellman-group1-sha1'.
Unsupported KEX algorithm "+diffie-hellman-group1-sha1"
command-line line 0: Bad SSH2 KexAlgorithms '+diffie-hellman-group1-sha1'.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-29-2017 08:36 AM
Hi,
after Ubuntu Update to 17.x I can't ssh to Extreme Switches (formerly Enterasys).
This helps for me:
ssh -o KexAlgorithms=+diffie-hellman-group1-sha1 admin@
or this options to an X450:
ssh -o HostKeyAlgorithms=+ssh-dss admin@
Regards,
Bernhard
after Ubuntu Update to 17.x I can't ssh to Extreme Switches (formerly Enterasys).
This helps for me:
ssh -o KexAlgorithms=+diffie-hellman-group1-sha1 admin@
or this options to an X450:
ssh -o HostKeyAlgorithms=+ssh-dss admin@
Regards,
Bernhard
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-28-2017 07:28 PM
{Run update} should only be needed if the stack has not been booted since the code was loaded.
Also, to clarify if your switches are stacked, you only need to enable ssh on the master.
Also, to clarify if your switches are stacked, you only need to enable ssh on the master.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-28-2017 07:11 PM
Hi Zohaib,
For EXOS 15.7.2.9 you need to run the following commands to activate SSH on each switch:
- run update
- enable ssh2 vr all
For EXOS 22.2.1.5-P1-4 you need to run the following commands to activate SSH on each switch:
- enable ssh2 vr all
You can then run the "show management" command, check under the "SSH" heading that SSH is enabled and the key is valid.
Please let us know if you have any other questions.
Thank you.
Best regards,
Andrew
For EXOS 15.7.2.9 you need to run the following commands to activate SSH on each switch:
- run update
- enable ssh2 vr all
For EXOS 22.2.1.5-P1-4 you need to run the following commands to activate SSH on each switch:
- enable ssh2 vr all
You can then run the "show management" command, check under the "SSH" heading that SSH is enabled and the key is valid.
Please let us know if you have any other questions.
Thank you.
Best regards,
Andrew
