Cisco vs. 6.9
mikep at noc.utoronto.ca
mikep at noc.utoronto.ca
Fri Jul 24 22:10:59 AEST 2015
> After upgrading a Linux system from OpenSSH 6.7 to 6.9, Cisco
> switches/routers can no longer scp config files to/from the system. The
> last debug entry before the Cisco device closes the connection is "debug1:
> server_input_channel_open: confirm session". The next line is "Connection
> closed by x.x.x.x". Anyone else seen this or know of a fix? The Cisco
> device gives "Undefined error" when scp'ing a config file from the server,
> and "Permission denied" (probably not the correct error message) when
> scp'ing a file to the server. Works fine after reverting to 6.7. Cisco
> device is running IOS 15.1(2).
We don't use 'scp' but regular 'ssh' started failing with OpenSSH 6.8.
Here's the config in 'ssh_config' that works for us:
Host <list of router names / patterns here>
ForwardAgent no
ForwardX11 no
ForwardX11Trusted no
Ciphers aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
KexAlgorithms diffie-hellman-group1-sha1
Mike
--
Mike Peterson Information Security Analyst - Audit
E-mail: mikep at noc.utoronto.ca WWW: http://www.noc.utoronto.ca/
Tel: 416-978-5230 Fax: 416-978-6620
More information about the openssh-unix-dev
mailing list