I know this seems to be a known issue with 09.0.10d but I haven't seen a workaround to get the ICX switch to properly connect in the unleashed AP.
sshd: Unable to negotiate with 192.168.x.x port xxxxx: no matching host key type found. Their offer: ssh-rsa,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss
is there a solution to ensuring that icx devices on the latest FW are compatible with R510 / R710
r710 unleashed AP: Current firmware version: 22.214.171.124.129
any other configuration changes? I think I tried so many different things that I'm in a non-idea state. is there a latest and greatest optimal out of the box config? I need to reload the switch as I zeroized the keys and broke ssh. I might as well reset factory and then set up
the quick start guide is out of date now with the deprecated commands.
I assume the above command would go first before anything else?
device> enable device# configure terminal device(config)# crypto-ssl certificate generate device(config)# username <username> password <password> device(config)# aaa authentication login default local device(config)# aaa authentication web-server default local device(config # no telnet server device(config # enable aaa console device(config)# web-management https device(config)# password-change any device(config)# ip ssh timeout 30 device(config)# ip ssh idle-time 20 device(config)# console timeout 30 device(config)# write memory device(config)# exit device#
That was the only change for me (creating EC key pair). What do you see in:
show ip ssh config
The command I gave will just generate an elliptical key pair. You can have RSA and EC both present on the device. More details on the command here:
If you locked yourself out (no SSH keys and telnet disabled), you can just physically console to the device and create an SSH key (use the command I gave prior). You should then be able to access again.