Ubuntu 20.04 unable to ssh to Cisco IOS

Had an Ubuntu 18.x control workstation with the ability to ssh to Cisco network devices. This workstation received an upgrade to 20.04 last evening. Everything on the client side appeared to go well, but I am unable to ssh to devices.

Built new Ubuntu 20.04 VM with same results.

Ubuntu Control Station:

ssh [email protected]
Unable to negotiate with 10.1.251.231 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

Router response:

Oct  4 06:07:10.126: %SSH-3-NO_MATCH: No matching kex algorithm found: client curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c server diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

I came across some other documentation and followed its instructions, with no success and the same condition.

By default, when Ubuntu is first installed, remote access via SSH is not allowed. Enabling SSH on Ubuntu is fairly straightforward.

sudo apt update
sudo apt install openssh-server

You can verify that SSH is running by typing:

sudo systemctl status ssh

Output:

ssh.service - OpenBSD Secure Shell server
    Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
    Active: active (running) since Mon 2020-06-01 12:34:00 CEST; 9h ago

Ubuntu ships with a firewall configuration tool called UFW. If the firewall is enabled on your system, make sure to open the SSH port:

sudo ufw allow ssh

Looking for a solution to ssh to Cisco IOS.

Thanks in advance.


Solution 1:

Ubuntu 20.04 deprecated some more insecure algorithms. To re-enable them you can create a conf file in /etc/ssh/ssh_config.d/ with the options you need.

For example (based on your router's response):

echo "KexAlgorithms diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" >>/etc/ssh/ssh_config.d/weak.conf
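
An added example, not part of the answer above: this script parses the client's "Their offer" error line from the question and prints an ssh_config stanza that appends (leading `+`) a single legacy key exchange algorithm for that one host, leaving the defaults untouched for every other destination. The function names and the preference order (group14-sha1 first, the 1024-bit group1-sha1 last) are assumptions of this example.

```shell
#!/bin/sh
# Added example: derive a host-scoped ssh_config stanza from ssh's error line.

# Preference order (an assumption of this example): the fixed 2048-bit group
# first, the 1024-bit group1 last.
PREFERENCE="diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha1 diffie-hellman-group1-sha1"

# Print the comma-separated list that follows "Their offer: " in the error.
server_offer() {
    printf '%s\n' "$1" | sed -n 's/.*Their offer: *//p'
}

# Print the peer address from "Unable to negotiate with <addr> port <n>".
peer_address() {
    printf '%s\n' "$1" | sed -n 's/.*Unable to negotiate with \([^ ]*\) port .*/\1/p'
}

# Print the first algorithm in PREFERENCE that the server offered; fail if none.
pick_kex() {
    offer=",$1,"
    for alg in $PREFERENCE; do
        case "$offer" in
            *",$alg,"*) printf '%s\n' "$alg"; return 0 ;;
        esac
    done
    return 1
}

# Emit a stanza that appends one algorithm to the defaults for one host only.
host_stanza() {
    addr=$(peer_address "$1")
    [ -n "$addr" ] || { echo "no peer address in input" >&2; return 1; }
    alg=$(pick_kex "$(server_offer "$1")") || { echo "no acceptable kex in offer" >&2; return 1; }
    printf 'Host %s\n    KexAlgorithms +%s\n' "$addr" "$alg"
}

# The error line from the question.
ERR='Unable to negotiate with 10.1.251.231 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1'

host_stanza "$ERR"
```

The printed stanza can go in `~/.ssh/config` or in a file under `/etc/ssh/ssh_config.d/`.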