How to configure OpenSSH 7.0(and above) to login smart and managed switches?
SSH is a security protocol for network communication. It is an encrypted shell which provides a secure tunnel for different kinds of network protocols such as telnet, ftp, pop, etc.
When we use OpenSSH client on Linux to login switch, sometimes it will turn out an error info as shown below:
This is because OpenSSH 7.0 (and above) disables the algorithm by default that our switches are applying. We need to enable the corresponding algorithm on OpenSSH client manually.
Generally speaking, OpenSSH client has been installed on Linux system by default. We can type in dpkg –L|grep ssh to check what version of our OpenSSH client. OpenSSH client version on this system is 7.2.
Let’s start from the beginning and take T1600G-28TS( IP address 192.168.1.52) as an example. We are aimed to login switch via OpenSSH client with Ubuntu 1604. Before everything, we should enable SSH by WebUI (you can also use telnet). Go to System--->Access Security--->SSH Config, Enable SSH. Click Apply.
Because here our OpenSSH client version is 7.2, we need to modify configuration file of OpenSSH client under this condition. Turn to /etc/ssh floder On Ubuntu. We open ssh_config via nano. After entering sudo nano ssh_config, we need type system login password. Here is root.
sudo nano ssh_config
Add KexAlgorithms +diffie-hellman-group1-sha1
to the bottom of ssh_config as picture below. This step we enable the corresponding algorithms. Then press Ctrl+O to save. Ctrl+X to exit.
Now let’s try to login. Type command ssh email@example.com, then enter default password admin. We login successfully!
Your feedback helps improve this site.