DescriptionOlder Switches May Support SSH Version 1 Only
ScopeVersion: All
SolutionVersion: all
Issue: Communication issues with older switches when attempting to connect using SSH v2.
Symptoms can include:
- Failure to read tables
- Failure to switch Vlans
- Validating Credentials via Administrative UI fails.
To verify, attempt to connect to the switch via Network Sentry's CLI using SSH.
ssh bradford@10.250.254.31
The switch may only support SSH v1 if the following message is returned:
The authenticity of host '10.250.254.31 (10.250.254.31)' can't be established.
RSA key fingerprint is 8c:74:65:d8:f1:79:18:85:a4:7e:13:e4:40:39:e1:07.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.250.254.31' (RSA) to the list of known hosts.
ssh_rsa_verify: RSA modulus too small: 512 < minimum 768 bits
key_verify failed for server_host_key
Workaround: Specify v1 when attempting to connect.
ssh -1 bradford@10.250.254.31
A successful login prompt will be presented if the switch only supports SSH v1.
Solution: Change the protocol to SSH1 in the Model Configuration of the switch.
1. In the Administrative UI, navigate to Network Devices > Topology
2. Click on the switch and select the Credentials tab or right click and select Model Configuration.
3. Under Protocol, select SSH 1 from the Type drill down.
4. Click APPLY.
To validate, click the Credentials tab and click Validate Credentials.
