Forum Discussion

mnagel's avatar
Icon for Professor rankProfessor
2 years ago

modernize WebSSH client

One of our customers could not connect via the WebSSH client to a newly setup switch using modern SSH algorithms. I personally only rarely use that feature, but I tested it and traced the issue to:

%SSH-3-NO_MATCH: No matching kex algorithm found: client diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 server ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256

I added diffie-hellman-group14-sha1 to the switch KEX list, but would prefer to keep only modern algorithms active.  Any chance we can get that client updated to negotiate newer algorithms? Security teams are more and more tight on what is allowed to operate within enterprise networks (for good reason).


No RepliesBe the first to reply