Hello,
with the current OpenSSH Client 7.1 (released August 21, 2015) it is not possible any longer to login "directly" to an EXOS switch.
~ $ ssh admin@X
Unable to negotiate with X: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
According to
http://www.openssh.com/legacy.html the workaround is:
~ $ ssh admin@X -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-dss
[..]
Enter password for admin:
ExtremeXOS
Copyright (C) 1996-2015 Extreme Networks. All rights reserved.
This product is protected by one or more US patents listed at
http://www.extremenetworks.com/patents along with their foreign counterparts.
==============================================================================
Press the
or '?' key at any time for completions.
Remember to save your configuration changes.
Slot-1 Y #
Are there any plans or already ways, that EXOS's SSH Implementation doesn't use weak/legacy algorithms?
Cheers
Jan
P.S.: Tested with EXOS up to:
# sh version
Switch : 800551-00-05 1523N-44609 Rev 5.0 BootROM: 1.0.2.1 IMG: 16.1.1.4
X460-G2-VIM-2X-B-1: 800556-00-03 1502N-42815 Rev 3.0
PSU-1 : Internal PSU-1 800592-00-07 1519A-45753
PSU-2 : Internal PSU-2 800592-00-07 1519A-45758
Image : ExtremeXOS version 16.1.1.4 by release-manager
on Fri Jun 12 17:47:56 EDT 2015
BootROM : 1.0.2.1
Diagnostics : 3.1
