15.0m4 IOS 配置SSH的问题
设备型号:CISCO 2811C/K9
IOS:C2800NMC-SPSERVICESK9-M
SSH配置:sh ip ssh
SSH Enabled - version 1.99
Authentication timeout: 60 secs; Authentication retries: 2
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded):
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQCxYOhDvr4RAAqOyGxcyKzmbBSCzIEHGpzJ
tVxvTeL7WDj+crzct41IYfa8ScjXOrw0xtziuYJfhXTL7fM5yVLOzIKKQ1PPMWfN
U7q8Vi9siiFdt60Geuj29dIxaIfZeqU=
问题描述:
1、远程终端无法通过SSH2连接这个服务器,在路由器上提示:SSH2 0: Invalid modulus length
2、远程终端可以通过SSH1连接
但是我明明配置的是SSH2。怎么只能用SSH1连接呢?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(7)
在securecrt 5下面。有个vsh命令。可以直接在cmd命令下执行ssh连接
但是安装了securecrt 6.6.2 后 反而没有这个命令
不知道各位用securecrt 6版本的大侠们,是怎么在cmd命令模式下执行ssh连接的。。求教
日啊 懒得看 晕
嗯,securecrt5的确太老了
大概知道问题了
我用的工具securecrt是5版本的。。换成6版本就可以连接
很奇怪。哈哈
不同版本的SSH连接界面
C:>vsh -1 10.74.3.199
administrator@10.74.3.199's password:(成功)
C:>vsh -2 10.74.3.199
C:> (失败,无出错提示)
客户端用的是secureCRT,
命令行下面是VSH
套用了一下vsh -v命令。显示如下:
C:>vsh -v 10.74.3.199
VSH version 5.2.2 (build 92) starting. (Using SSH2Core version 4.1.0.273.)
[LOCAL] : SSH2Core version 4.1.0.273
[LOCAL] : Connecting to 10.74.3.199:22 ...
[LOCAL] : Changing state from STATE_NOT_CONNECTED to STATE_EXPECT_KEX_INIT.
[LOCAL] : Using protocol SSH2
[LOCAL] : RECV : Remote Identifier = "SSH-1.99-Cisco-1.25"
[LOCAL] : CAP : Remote can re-key
[LOCAL] : CAP : Remote sends language in password change requests
[LOCAL] : CAP : Remote sends algorithm name in PK_OK packets
[LOCAL] : CAP : Remote sends algorithm name in public key packets
[LOCAL] : CAP : Remote sends algorithm name in signatures
[LOCAL] : CAP : Remote sends error text in open failure packets
[LOCAL] : CAP : Remote sends name in service accept packets
[LOCAL] : CAP : Remote includes port number in x11 open packets
[LOCAL] : CAP : Remote uses 160 bit keys for SHA1 MAC
[LOCAL] : CAP : Remote supports new diffie-hellman group exchange messages
[LOCAL] : CAP : Remote correctly handles unknown SFTP extensions
[LOCAL] : CAP : Remote correctly encodes OID for gssapi
[LOCAL] : CAP : Remote correctly uses connected addresses in forwarded-tcpip re
quests
[LOCAL] : CAP : Remote VShell can do SFTP version 4
[LOCAL] : CAP : Remote x.509v3 uses ASN.1 encoding for DSA signatures
[LOCAL] : GSS : [Kerberos] SPN : host@10.74.3.199
[LOCAL] : GSS : [Kerberos] Disabling gss mechanism
[LOCAL] : GSS : [Kerberos] InitializeSecurityContext() failed.
[LOCAL] : GSS : [Kerberos] 指定的目标未知或无法达到
[LOCAL] : The following key exchange method has been filtered from the key excha
nge method list because it is not supported: gss-group1-sha1-toWM5Slw5Ew8Mqkay+a
l2g==
[LOCAL] : GSS : [Kerberos w/ Group Exchange] SPN : host@10.74.3.199
[LOCAL] : GSS : [Kerberos w/ Group Exchange] Disabling gss mechanism
[LOCAL] : GSS : [Kerberos w/ Group Exchange] InitializeSecurityContext() failed.
[LOCAL] : GSS : [Kerberos w/ Group Exchange] 指定的目标未知或无法达到
[LOCAL] : The following key exchange method has been filtered from the key excha
nge method list because it is not supported: gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g
==
[LOCAL] : SEND : KEXINIT
[LOCAL] : RECV : Read kexinit
[LOCAL] : Available Remote Kex Methods = diffie-hellman-group-exchange-sha1,diff
ie-hellman-group14-sha1,diffie-hellman-group1-sha1
[LOCAL] : Selected Kex Method = diffie-hellman-group-exchange-sha1
[LOCAL] : Available Remote Host Key Algos = ssh-rsa
[LOCAL] : Selected Host Key Algo = ssh-rsa
[LOCAL] : Available Remote Send Ciphers = aes128-cbc,3des-cbc,aes192-cbc,aes256-
cbc
[LOCAL] : Selected Send Cipher = aes256-cbc
[LOCAL] : Available Remote Recv Ciphers = aes128-cbc,3des-cbc,aes192-cbc,aes256-
cbc
[LOCAL] : Selected Recv Cipher = aes256-cbc
[LOCAL] : Available Remote Send Macs = hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-
96
[LOCAL] : Selected Send Mac = hmac-sha1
[LOCAL] : Available Remote Recv Macs = hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-
96
[LOCAL] : Selected Recv Mac = hmac-sha1
[LOCAL] : Available Remote Compressors = none
[LOCAL] : Selected Compressor = none
[LOCAL] : Available Remote Decompressors = none
[LOCAL] : Selected Decompressor = none
[LOCAL] : Changing state from STATE_EXPECT_KEX_INIT to STATE_KEY_EXCHANGE.
[LOCAL] : SEND : KEXDH_GEX_REQUEST
[LOCAL] : RECV: TCP/IP close
[LOCAL] : Changing state from STATE_KEY_EXCHANGE to STATE_CLOSED.
[LOCAL] : Connected for 0 seconds, 530 bytes sent, 728 bytes received
你客户端用的什么软件去连接IOS的ssh的?
如果可能,用linux的ssh去连接,使用ssh -v IP 可以看到ssh协商的详细信息,帮助排错
或者使用客户端软件来显示详细的debug信息。
路由器的SSH2 0: Invalid modulus length提示信息量还是不足,当然对于高手可以一眼知道原因