New-SShSession is not connecting with some devices.

[marcelo-0511]

I But i have a problem with some remote devices, showed the error: MODO DETALHADO: Using SSH Username and Password authentication for connection. AVISO: Host key is not being verified since Force switch is used. New-SSHSession : Connection failed to establish within 10000 milliseconds.

In putty the connection works normally

Above is what I tried to resolve:

Changed OperationTimeout and -ConnectionTimeout time for 60 seconds. And used the -force mode.

[darkoperator]

What type of device are those and what is the SSH settings (Ciphers for negotiation and host keys) ?

If using Putty try PuTTY Debug Logs: • From the PuTTY Configuration, in the left pane, click on "Logging" under "Session". • On the right, ensure "Log all session output" or "Log SSH packet data" is selected.

If using ssh.exe from Windows 10 try connecting with ssh -vvv to get the info.

[marcelo-0511]

I am trying to connect in fortigate units, it is occurring with just five devices.

[darkoperator]

Does it happen on all fortunes devices or only some? Can you get the extra info ? Also anything in their logs?

[marcelo-0511]

putty.log

[darkoperator]

The Beta 1 version should support those ciphers the none beta one does not. Any errors on the device logs? I fo not have a Fortinet device to test.

[marcelo-0511]

It is happen on five devices, and there is no logs about this error.

[darkoperator]

Sadly not much I can do if the beta 1 does not work since it looks like something in the underling library

[marcelo-0511]

Manifest 2.3.0 Posh-SSH {Get-SCPFile, Get-SCPFolder, Get-SCPItem, Get-SFTPFile...}

That is my installed version.

[darkoperator]

Yep that is the beta. Sadly there is not much I can do to figure out why it is not working since I’m limited by not having access to your systems and info. You will need to see if there is pattern in configuration of each of the devices that do not connect vs the ones that it do works, from location, port, algorithms set for exchanging keys, supported encryption types and key algorithms and see if there is a difference. My recommendation would be to start looking at the info following something like this https://www.tecmint.com/enable-debugging-mode-in-ssh/ https://www.tecmint.com/enable-debugging-mode-in-ssh/ with that extra info if a pattern is found it will be easier to see if it is something in the module or in the library. Could you try doing a -force when initiating the session? It is the only thing that is left to test to see if it is in the key fingerprint checking.

[marcelo-0511]

Hello, good afternoon, The problem was solved.

The deep inspection in that fortigate was enabled for ssh connections, when deep inspection, was disabled the Posh-SSH works normally.

[marcelo-0511]

Carlos, thanks for you help!

You are a great professional. or like we said in brazil "Você é o cara, obrigado!"