This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ICX w/FI 9.0.10e SSH KEX Not Matching with ICX w/FI 8.0.90k

KennethDelaney
New Contributor II

‎07-19-2023 10:52 AM - edited ‎07-19-2023 10:59 AM

I am seeing issues with no matching SSH Key Exchange Algorithm (KEX) when attempting to SSH to/from an ICX with 9.0.10e and ICXs with 8.0.90k or 8.0.95g firmware.  I turned on debug for ssh on both ICXs and what I found is the following....

ICX 8.0.90k SSH to ICX 9.0.10e and I get no matching key exchange method found. Their offer diffie-hellman-group14-sha1, diffie-hellman-group1-sha1

ICX 9.0.10e SSH to ICX 8.0.90k and I get SSH: KEX Algorithm no match found

I thought that FI 9.0.10e supports diffie-hellman-group14-sha1 by default?

The end result is that any non-9.0.10e ICXs can ssh to each other, and 9.0.10e ICXs can ssh to each other, but you cannot ssh between the versions because SSH KEX issue.

 

Hitachi Vantara Federal
Network Engineer, RICX
0 Kudos
10 REPLIES 10

belsbree
New Contributor
In response to BenBeck

‎07-16-2024 07:35 AM

Hey Ben,

Thanks for the reply! I put this into the 10.x switch and still getting outbound connection failed. If you'd like, I can show debug results / any other command results that may help. 

0 Kudos
Copyright © 2024 Khoros, LLC