Žilinská univerzita > Fakulta riadenia a informatiky > Katedra informačných sietí

Login from Linux to Cisco ASA - SSH problem

Trying to connet from my linux terminal on Cisco ASA ssh using

ssh palo@192.168.10.1
Unable to negotiate with 192.168.10.1 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

return the error on diffie hellman unmatch.

Working solution is to add an ssh options with "-o", which specify the key exchange method that are used to generate per-connection keys

-oKexAlgorithms=+diffie-hellman-group1-sha1

So working solutions is:

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 palo@192.168.10.1

The authenticity of host '192.168.10.1 (192.168.10.1)' can't be established.
RSA key fingerprint is SHA256:f7fovvYPEEb5Hggrw1/0C0SQHdFncWWmQCvtepBQAgc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.10.1' (RSA) to the list of known hosts.
palo@192.168.10.1's password:
******
Type help or '?' for a list of available commands.
kis-asa-5515X>
Groups: