[rancid] Nexus 9k Login Crypto
Piegorsch, Weylin William
weylin at bu.edu
Thu Dec 29 03:08:32 UTC 2016
Regarding type “cisco-nx”, is there a need to take into account the Nexus 9000 crypto support?
See here:
http://www.cisco.com/c/en/us/support/docs/switches/nexus-9000-series-switches/200663-Unable-to-SSH-into-Nexus-9K-fatal.html
I found that my default setting yielded:
[rancid at localhost ~]$ clogin Nexus-9k
Nexus-9k
spawn telnet Nexus-9k
Trying 10.123.12.241...
telnet: connect to address 10.123.12.241: Connection refused
spawn ssh -c 3des -x -l rancid Nexus-9k
no matching cipher found: client 3des-cbc server aes128-ctr,aes192-ctr,aes256-ctr
Error: Couldn't login: Nexus-9k
[rancid at localhost ~]$
However, if I added the line to my .cloginrc:
add cyphertype Nexus-9k {aes128-ctr,aes192-ctr,aes256-ctr}
Then everything worked fine (I’ll spare everyone the output).
I’m not clear this is a rancid issue, or a local system issue. Is it something at least worth noting?
weylin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20161229/f0a4bad9/attachment.html>
More information about the Rancid-discuss
mailing list