Connecting to Ancient Network Kit with SSH under Ubuntu 22.04

Written by James McDonald

February 21, 2023

Just tried to connect to a couple of old Cisco Switches from Ubuntu 22.04

lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 22.04.2 LTS
Release:        22.04
Codename:       jammy

The Problem – (I think this is a WS-C2960X)

 ssh 10.11.12.13
# output
Unable to negotiate with 10.11.12.13 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

The Resolution

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostkeyAlgorithms=+ssh-rsa 10.11.12.13

Step by Step Example of Fixing the Problem when connecting to a WS-C2960G-48TC-L

This shows the process of adding command line options based on the “Their offer:” reply from the switch until you finally get a login prompt

ssh 10.11.12.14
# output
Unable to negotiate with 10.11.12.14 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

So add KexAlgorithms

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 10.11.12.14
# output
Unable to negotiate with 10.11.12.14 port 22: no matching host key type found. Their offer: ssh-rsa

Then add HostkeyAlgorithms

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostkeyAlgorithms=+ssh-rsa  10.11.12.14
# output
Unable to negotiate with 10.11.12.14 port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc

Then add Cipher (-c) and finally we have a login prompt

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostkeyAlgorithms=+ssh-rsa -c aes128-cbc 10.11.12.14
# output
([email protected]) Password:

Sometimes things are so old you have to go Old-Old School

Sometimes you try to connect with ssh and you get

ssh 10.11.12.25
# 
ssh: connect to host 10.11.12.25 port 22: Connection refused

So then you might need to install a telnet client

sudo apt-get install telnet

Try again with telnet

telnet 10.11.12.25
# output
Trying 10.11.12.25...
Connected to 10.11.12.25.
Escape character is '^]'.


User Access Verification

Username:

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Ubuntu on Hyper-v

It boils town to installing linux-azure # as root or sudo apt-get update apt-get install linux-azure...