HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
BladeSystem Network Blades
cancel
Showing results for 
Search instead for 
Did you mean: 

GbE2c OpenSSH 6.2+ Compatibility

 
phoeniXfury
Occasional Visitor

GbE2c OpenSSH 6.2+ Compatibility

Hi There,

 

We've recently come across the same issue with our GbE2c as found in iLO2 prior to version 2.20. Connecting from OpenSSH version 6.2 and higher results in a payload error on the switch console.

 

The only workaround right now is to specify "-o MACs=hmac-sha1" when connecting. According to the following post, a fix was put in to iLO2 last year to solve this problem.

 

http://h30499.www3.hp.com/t5/ITRC-Remote-Lights-Out-Mgmt-iLO/Unable-to-SSH-to-iLO2-with-OpenSSH-6-2/td-p/6050925

 

Is there any chance a fix can be added to this switch? We are running the latest firmware released in July 2014.

 

 

--------------SSH OUTPUT -------------

$ ssh -vvv wmpassthrough1
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to wmpassthrough1 [172.20.42.108] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/ewu/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /home/ewu/.ssh/id_rsa type 1
debug1: identity file /home/ewu/.ssh/id_rsa-cert type -1
debug1: identity file /home/ewu/.ssh/id_dsa type -1
debug1: identity file /home/ewu/.ssh/id_dsa-cert type -1
debug1: identity file /home/ewu/.ssh/id_ecdsa type -1
debug1: identity file /home/ewu/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/ewu/.ssh/id_ed25519 type -1
debug1: identity file /home/ewu/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 1.99, remote software version BNT
debug1: no match: BNT
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "wmpassthrough1" from file "/home/ewu/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp51
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,es
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes25e
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes25e
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-1286
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-1286
debug2: kex_parse_kexinit: zlib@openssh.com,zlib,none
debug2: kex_parse_kexinit: zlib@openssh.com,zlib,none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: aes256-cbc,rijndael256-cbc,aes192-cbc,rijndael192-cbc,aes128-cbc,rijndael128-cbc,3dr
debug2: kex_parse_kexinit: aes256-cbc,rijndael256-cbc,aes192-cbc,rijndael192-cbc,aes128-cbc,rijndael128-cbc,3dr
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: setup hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_setup: setup hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: bits set: 542/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
Write failed: Connection reset by peer