[rancid] As one door closes, another opens... ssh failing with (some) Cisco devices after OS upgrade?

Howard Jones howie at thingy.com
Sat May 16 10:08:08 UTC 2015

On 15/05/2015 17:38, Howard Jones wrote:
> This seems to be to do with a new lower key size restriction in newer 
> openssh version - does anyone know a way around it? Ideally without 
> regenerating the keys on the routers? In fact, I just tried 
> regenerating a 2048-bit key on one of the affected routers, and it 
> makes no difference anyway.
I "resolved" my issue for now by installing a copy of openssh 4.9 in 
/opt and using sshcmd for the affected devices - a selection of ASRs and 
ISRs, but not all. I'd still be interested in what the real fix is 
though! Evidently those specific devices don't meet some minimum 
standard that the openssh folks enforce.



More information about the Rancid-discuss mailing list