[rancid] As one door closes, another opens... ssh failing with (some) Cisco devices after OS upgrade?
Howard Jones
howie at thingy.com
Sat May 16 10:08:08 UTC 2015
On 15/05/2015 17:38, Howard Jones wrote:
> This seems to be to do with a new lower key size restriction in newer
> openssh version - does anyone know a way around it? Ideally without
> regenerating the keys on the routers? In fact, I just tried
> regenerating a 2048-bit key on one of the affected routers, and it
> makes no difference anyway.
I "resolved" my issue for now by installing a copy of openssh 4.9 in
/opt and using sshcmd for the affected devices - a selection of ASRs and
ISRs, but not all. I'd still be interested in what the real fix is
though! Evidently those specific devices don't meet some minimum
standard that the openssh folks enforce.
Cheers,
Howard
More information about the Rancid-discuss
mailing list