Connecting to Ancient Network Kit with SSH under Ubuntu 22.04

by | Feb 21, 2023 | IT Tips | 0 comments

Just tried to connect to a couple of old Cisco Switches from Ubuntu 22.04

?
1
2
3
4
5
6
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 22.04.2 LTS
Release:        22.04
Codename:       jammy

The Problem - (I think this is a WS-C2960X)

?
1
2
3
ssh 10.11.12.13
# output
Unable to negotiate with 10.11.12.13 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

The Resolution

?
1
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostkeyAlgorithms=+ssh-rsa 10.11.12.13

Step by Step Example of Fixing the Problem when connecting to a WS-C2960G-48TC-L

This shows the process of adding command line options based on the "Their offer:" reply from the switch until you finally get a login prompt

?
1
2
3
ssh 10.11.12.14
# output
Unable to negotiate with 10.11.12.14 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

So add KexAlgorithms

?
1
2
3
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 10.11.12.14
# output
Unable to negotiate with 10.11.12.14 port 22: no matching host key type found. Their offer: ssh-rsa

Then add HostkeyAlgorithms

?
1
2
3
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostkeyAlgorithms=+ssh-rsa  10.11.12.14
# output
Unable to negotiate with 10.11.12.14 port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc

Then add Cipher (-c) and finally we have a login prompt

?
1
2
3
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostkeyAlgorithms=+ssh-rsa -c aes128-cbc 10.11.12.14
# output
(jamesm@10.11.12.14) Password:

Sometimes things are so old you have to go Old-Old School

Sometimes you try to connect with ssh and you get

?
1
2
3
ssh 10.11.12.25
#
ssh: connect to host 10.11.12.25 port 22: Connection refused

So then you might need to install a telnet client

?
1
sudo apt-get install telnet

Try again with telnet

?
1
2
3
4
5
6
7
8
9
10
telnet 10.11.12.25
# output
Trying 10.11.12.25...
Connected to 10.11.12.25.
Escape character is '^]'.
 
 
User Access Verification
 
Username:

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.