Trying to connet from my linux terminal on Cisco ASA ssh using
ssh palo@192.168.10.1 Unable to negotiate with 192.168.10.1 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
return the error on diffie hellman unmatch.
Working solution is to add an ssh options with "-o", which specify the key exchange method that are used to generate per-connection keys
-oKexAlgorithms=+diffie-hellman-group1-sha1
So working solutions is:
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 palo@192.168.10.1 The authenticity of host '192.168.10.1 (192.168.10.1)' can't be established. RSA key fingerprint is SHA256:f7fovvYPEEb5Hggrw1/0C0SQHdFncWWmQCvtepBQAgc. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.10.1' (RSA) to the list of known hosts. palo@192.168.10.1's password: ****** Type help or '?' for a list of available commands. kis-asa-5515X>