【发布时间】:2014-08-16 16:31:25
【问题描述】:
由于某种原因,我无法从 Ubuntu 14.04 机器通过 SSH 连接到 Cisco CSR1000v 路由器。
我们的思科固件是;
Cisco IOS XE Software, Version 03.12.00.S - Standard Support Release
Cisco IOS Software, CSR1000V Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.4(2)S, RELEASE SOFTWARE (fc2)
显示的服务器错误是;
%SSH-3-DH_RANGE_FAIL: Client DH key range mismatch with maximum configured DH key on server
显示的客户端错误是;
$ ssh -v admin@172.16.3.253
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 172.16.3.253 [172.16.3.253] port 22.
debug1: Connection established.
debug1: identity file /home/admin/.ssh/id_rsa type 1
debug1: identity file /home/admin/.ssh/id_rsa-cert type -1
debug1: identity file /home/admin/.ssh/id_dsa type -1
debug1: identity file /home/admin/.ssh/id_dsa-cert type -1
debug1: identity file /home/admin/.ssh/id_ecdsa type -1
debug1: identity file /home/admin/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/admin/.ssh/id_ed25519 type -1
debug1: identity file /home/admin/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version Cisco-1.25
debug1: no match: Cisco-1.25
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<7680<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Connection closed by 172.16.3.253
【问题讨论】:
-
您的问题在这里是题外话,但在unix.stackexchange.com 上会是题外话。
-
@peterh 这个话题快一年了,翻阅档案似乎有点迂腐.....
-
sleepycal,我同意 - 但它可以作为未来谷歌人的路标。如果我需要投票支持关闭,我的心在流血,在类似的情况下,我必须尽一切可能补偿操作。
标签: ubuntu networking ssh router cisco