Fohdeesha / lab-docu

Centralized documentation for equipment used by STH & FBOM members
http://fohdeesha.com/docs/
GNU General Public License v3.0
172 stars, 60 forks

[6450] SSH(2?) key, KexAlgorithm #24

Open ghost opened 3 years ago

ghost commented 3 years ago

Thank you for Brocade ICX Series (cheap & powerful 10gbE/40gbE switching).

Just had some questions about things I had to do that weren't covered by the guide.

https://fohdeesha.com/docs/icx6xxx-adv.html#optional-key-based-ssh-access

...The default settings of RSA @ 2048 bits works without issue....

This doesn't seem to be the default anymore (at least on Linux):

$ man ssh-keygen
-b    ...For RSA keys, the minimum size is 1024 bits and the default is 3072 bits....

For the old SSH server I also had to convert the key to SSH2 format, or I got this error:

ip ssh pub-key-file tftp TFTP-IP public.key
ERROR: key# 1 must begin with ---- BEGIN SSH2 PUBLIC KEY ----
Error in SSH Public Key file!

Trying to ssh when everything is setup gives:

$ ssh USER@SWITCH-IP
Unable to negotiate with SWITCH-IP port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
$ ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 USER@SWITCH-IP
Unable to negotiate with SWITCH-IP port 22: no matching host key type found. Their offer: ssh-rsa
$ ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-rsa USER@SWITCH-IP
SSH@HOSTNAME>

Make this persistent by adding something like this to ~/.ssh/config:

Host HOSTNAME
    KexAlgorithms +diffie-hellman-group1-sha1
    HostKeyAlgorithms +ssh-rsa
    Hostname SWITCH-IP

If none of this is wrong, I think it should be added to the guide.
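Added example (not part of this issue or of the lab-docu guide): the "must begin with ---- BEGIN SSH2 PUBLIC KEY ----" error above is the switch insisting on the RFC 4716 public-key container rather than the one-line OpenSSH format. The script below does the same re-wrapping that `ssh-keygen -e -f key.pub -m RFC4716` does (same base64 blob, folded at 70 columns, inside BEGIN/END markers), and also reads the RSA modulus length out of the blob so you can confirm the key is the 2048 bits the guide says works before uploading it. The sample key is constructed in code from a made-up modulus so the example runs offline; it is not a real key, and the switch-side behaviour is taken from the error text in this issue, not tested here.

```python
import base64
import struct
import textwrap


def _string(s: bytes) -> bytes:
    """SSH 'string' encoding (RFC 4251): 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(s)) + s


def _mpint(n: int) -> bytes:
    """SSH 'mpint' encoding: two's-complement big-endian, zero-padded if the top bit is set."""
    if n == 0:
        return struct.pack(">I", 0)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:
        raw = b"\x00" + raw
    return _string(raw)


def _read_string(buf: bytes, off: int):
    (length,) = struct.unpack(">I", buf[off:off + 4])
    return buf[off + 4:off + 4 + length], off + 4 + length


def build_openssh_rsa_pubkey(n: int, e: int = 65537, comment: str = "user@host") -> str:
    """Build a one-line OpenSSH public key ('ssh-rsa <base64> comment') from raw numbers.
    Used here only to construct a sample; the modulus is NOT a real RSA key."""
    blob = _string(b"ssh-rsa") + _mpint(e) + _mpint(n)
    return f"ssh-rsa {base64.b64encode(blob).decode()} {comment}"


def parse_openssh_pubkey(line: str):
    """Return (key_type, blob, comment), checking the type prefix matches the blob's own type."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2:
        raise ValueError("not an OpenSSH public key line")
    key_type, b64 = parts[0], parts[1]
    comment = parts[2] if len(parts) == 3 else ""
    blob = base64.b64decode(b64)
    embedded_type, _ = _read_string(blob, 0)
    if embedded_type != key_type.encode():
        raise ValueError(f"prefix {key_type} does not match blob type {embedded_type!r}")
    return key_type, blob, comment


def rsa_modulus_bits(blob: bytes) -> int:
    """Bit length of n in an ssh-rsa blob (layout: string 'ssh-rsa', mpint e, mpint n)."""
    _, off = _read_string(blob, 0)      # type
    _, off = _read_string(blob, off)    # e
    n_raw, _ = _read_string(blob, off)  # n
    return int.from_bytes(n_raw, "big").bit_length()


def to_rfc4716(line: str, comment=None) -> str:
    """Re-wrap an OpenSSH public key line as an RFC 4716 'SSH2 PUBLIC KEY' block,
    the container the switch asks for. Body is folded at 70 columns like ssh-keygen -e."""
    _, blob, key_comment = parse_openssh_pubkey(line)
    hdr_comment = key_comment if comment is None else comment
    out = ["---- BEGIN SSH2 PUBLIC KEY ----"]
    if hdr_comment:
        out.append(f'Comment: "{hdr_comment}"')
    out.extend(textwrap.wrap(base64.b64encode(blob).decode(), 70))
    out.append("---- END SSH2 PUBLIC KEY ----")
    return "\n".join(out) + "\n"


def from_rfc4716(text: str) -> bytes:
    """Parse an RFC 4716 block back to the raw key blob (used to verify the round trip).
    Header lines are the ones containing ':' before the body; base64 never contains ':'."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if not lines or lines[0] != "---- BEGIN SSH2 PUBLIC KEY ----" \
            or lines[-1] != "---- END SSH2 PUBLIC KEY ----":
        raise ValueError("missing SSH2 PUBLIC KEY markers")
    body = [ln for ln in lines[1:-1] if ":" not in ln]
    return base64.b64decode("".join(body))


if __name__ == "__main__":
    # Constructed, non-real 2048-bit modulus (top bit set so the length is exactly 2048).
    sample = build_openssh_rsa_pubkey((1 << 2047) | 0x10001, comment="lab@example")
    _, blob, _ = parse_openssh_pubkey(sample)
    print(f"modulus: {rsa_modulus_bits(blob)} bits")
    print(to_rfc4716(sample), end="")
```

With a real key you would feed the contents of `~/.ssh/id_rsa.pub` to `to_rfc4716()` and save the output as the `public.key` file that the `ip ssh pub-key-file tftp` command fetches. The modulus check is there because a key generated with today's `ssh-keygen` default of 3072 bits is not what the guide documents as tested; `rsa_modulus_bits()` tells you which one you actually have without trusting the comment field.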

ManoftheSea commented 9 months ago

Fixed by #41