LINUX BOX UNABLE TO SSH COMEWARE SWITCHES (5.2/7.1)

There is issue observed that the Linux Box unable to ssh the Comware 5.2 and 7.1 switches. It is showing the follwoing error:

Unable to negotiate with 192.168.10.254 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

These SSH compatibility issues, we can simply temporarily enable all legacy cryptography methods that our SSH client currently supports.

We can check the supported method from the Linux Box:

ssh -Q mac

ssh -Q kex

ssh -Q key

ssh -Q cipher

We need to fix the nagotiation method using the follwing command:

{

echo -n 'Ciphers '

ssh -Q cipher | tr '\n' ',' | sed -e 's/,$//'; echo

echo -n 'MACs '

ssh -Q mac | tr '\n' ',' | sed -e 's/,$//'; echo

echo -n 'HostKeyAlgorithms '

ssh -Q key | tr '\n' ',' | sed -e 's/,$//'; echo

echo -n 'KexAlgorithms '

ssh -Q kex | tr '\n' ',' | sed -e 's/,$//'; echo

} >> ~/.ssh/config

The will add the following details on the .ssh/config file:

Now you will able to login from the Linux box to the Comware Switches.

Thanks,

Naresh Mahato.

Comments

ArubaOS-CX, ArubaOS- Switch, Comware and Cisco IOS

The command line comparison demonstrated for 4 different OS of the switches, I think this will help you to understand the configuration level deployment. Comware Differences If you are familiar with either the ArubaOS-Switch CLI or the Cisco IOS CLI, you will notice that the Comware CLI is organized slightly differently . Comware was designed for Internet service providers (ISPs). Many features and functions—such as security and Quality of Service (QoS)—are multi-tiered to support the different needs of multiple entities accessing the same switch. ArubaOS-CX ArubaOS switch (now the Aruba OS), HPE Comware version 7 Cisco IOS ArubaOS-CX operating system runs on the 8400 and 8320 switches. ArubaOS Switch operating system runs on Aruba 2530 , Aruba 2920 , Aruba 2930F , Aruba 2930M , Aruba 3810M , Aruba 5400R , HPE 2620 , HPE 3500 , HPE 5400 and HPE 3800 switch platforms. HPE Comware7 operating system runs on HPE FF 12900 , HPE 12500 , HPE 5120/5130/5500/

HP A5120 Configuration

Today I am going to configure the HP A5120-24G EI Switch. We require the COM1 Port on the system and console cable. The pictures are shown below: COM1: Console Cable: Or You can use converter like this to connect to your laptop USB port : Connect the cable to the console cable with your system and power on the switch and hit Enter Press ENTER to get started, you will able to see like this: <HPSWITCH> #Apr 26 12:19:44:864 2000 HPSWITCH SHELL/4/LOGIN: Trap 1.3.6.1.4.1.25506.2.2.1.1.3.0.1: login from Console %Apr 26 12:19:44:995 2000 HPSWITCH SHELL/5/SHELL_LOGIN: Console logged in from aux0. <HPSWITCH> <HPSWITCH> As we know that the cisco having three stage to get into the switch console, just like same here. user mode : > privilege mode : # and the global config mode: config# same structures are here but little more differ from the Cisco here we have the user mode and system

Aruba 2930F / 2530 / 2540 Switch NTP CONFIGURATION

ArubaOS-Switch 16.05 NTP issue Often we found, the ArubaOS having issues with NTP time syncing. I have found the solution to tackle this issue. timesync sntp sntp unicast sntp 30 sntp server priority 1 SERVER X.X.X.X (NTP SERVER IP) time timezone 330 ( 330 for IST) Happy Learning :) Thanks, Naresh Mahato.

Night Reader

Search This Blog