Go to Qiita Advent Calendar 2024 Top
LoginSignup
2
2

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 1 year has passed since last update.

@Fuuma(Fuuma)

MacでCiscoにSSHしようとしたらエラーが出る

Posted at

概要

  • MacでCisco 1900 SeriesにSSHしようとした
  • SSHをしようとしたらマッチングしないとエラーが順番に出たのでまとめた
  1. 鍵交換方式が違う
  2. ホストキータイプが違う
  3. 暗号化アルゴリズムが違う

Cisco側のSSH設定

これの通りの手順でやりました

手順通りでエラーが出なかったのでSSHをしてみる

SSH接続時に鍵交換方式が違うと言われる

~ ❯❯❯ ssh name@xxx.xxx.xxx.xxx
Unable to negotiate with xxx.xxx.xxx.xxx port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

~/.ssh/configに以下を追加する

HOST xxx.xxx.xxx.xxx
  HostName xxx.xxx.xxx.xxx
  # 鍵交換アルゴリズムを指定
  KexAlgorithms +diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

SSHしてみる

ホストキータイプが違う

~ ❯❯❯ ssh name@xxx.xxx.xxx.xxx
Unable to negotiate with xxx.xxx.xxx.xxx port 22: no matching host key type found. Their offer: ssh-rsa

さっきのやつに追記する

HOST xxx.xxx.xxx.xxx
  HostName xxx.xxx.xxx.xxx
  # 鍵交換アルゴリズムを指定
  KexAlgorithms +diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  # ホストキータイプを指定
  HostKeyAlgorithms +ssh-rsa

SSHしてみる

暗号アルゴリズムが違う

~ ❯❯❯ ssh name@xxx.xxx.xxx.xxx
Unable to negotiate with xxx.xxx.xxx.xxx port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc

さっきのやつに追記する

HOST xxx.xxx.xxx.xxx
  HostName xxx.xxx.xxx.xxx
  # 鍵交換アルゴリズムを指定
  KexAlgorithms +diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  # ホストキータイプを指定
  HostKeyAlgorithms +ssh-rsa
  # 暗号化アルゴリズムを指定
  Ciphers +aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc

SSHしてみる

ちゃんと動いた

~ ❯❯❯ ssh name@xxx.xxx.xxx.xxx
(name@xxx.xxx.xxx.xxx) Password:
R1>

コマンド版(config書き換えるの面倒な人のための)

  • 鍵交換アルゴリズムを追加 -o KexAlgorithms= 
ssh -o KexAlgorithms=+diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 name@xxx.xxx.xxx.xxx
  • ホストキータイプを追加 -o HostKeyAlgorithms= 
ssh -o KexAlgorithms=+diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 -o HostKeyAlgorithms=+ssh-rsa  name@xxx.xxx.xxx.xxx
  • 暗号化アルゴリズムを追加 Ciphers= 
ssh -o KexAlgorithms=+diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 -o HostKeyAlgorithms=+ssh-rsa -o Ciphers=+aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc name@xxx.xxx.xxx.xxx
2
2
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
2
2

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?