Comware Based
cancel
Showing results for 
Search instead for 
Did you mean: 

SSH2 - Algorithm Mismatch HP MSR 3024

AC81
Occasional Visitor

SSH2 - Algorithm Mismatch HP MSR 3024

I am trying to enable SSH2 but when the client logs in to the router a message is displayed with Putty: Couldn't agree a client to server cipher (available: des-cbc)

 

The router console shows:

HP SSHS/6/SSHS_ALGORITHM_MISMATCH: SSH client 10.112.44.46 failed to log in because of encryption algorithm mismatch.
%Aug 27 18:26:27:650 2014 HP SSHS/6/SSHS_DISCONNECT: SSH user (null) (IP: 10.112.44.46) disconnected from the server.

 

 

local RSA & DSA keys created - tested with 1024 and 2048 bit

 

If I enable the command ssh server compatible-ssh1x, when forcing the SSH protocol to v1 it works, but we need to allow v2.

 

 

Software version: Version 7.1.049, Release 0106P02

 

 

What am I missing here?

 

Thanks

11 REPLIES
mertdemi
Advisor

Re: SSH2 - Algorithm Mismatch HP MSR 3024

Hi

new generation msr routers come with low encryption 56 bits supported.

upgrade to higher standards are free you need to login hp passport web page and register your serial for high encryption
dcschamika
Occasional Visitor

Re: SSH2 - Algorithm Mismatch HP MSR 3024

I'm Facing the same Issue,

 

and can any one please let know how this registration can be done or any other way to solve this matter, 

 

this is an urgent matter

 

thank you 

 

mertdemi
Advisor

Re: SSH2 - Algorithm Mismatch HP MSR 3024

Hi Dcschamika
if you dont use a .ru firmware it should be possible.
you need to login hp passport page where you register your products and take this license.

please let me know if you have trouble with web page I am not in front of pc but i can send you a link soon
dcschamika
Occasional Visitor

Re: SSH2 - Algorithm Mismatch HP MSR 3024

can you please share the link so that I can make sure that I m on the same link. and how can you please specify more on the the type of firmware type you have mentioned...
Farzan
Occasional Visitor

Re: SSH2 - Algorithm Mismatch HP MSR 3024

hi Dinesh,

 

please follow the below steps.

 

http://hp.com/networking/mynetworking. First select the "My Licenses" tab, then under the "Products without Registration ID" drop down menu, select “HP MSR High Encryption E-LTU” and follow the prompts.

vimukthi_bandra
Occasional Contributor

Re: SSH2 - Algorithm Mismatch HP MSR 3024

Hi Farzan,

 

Thank you very much it works for me..

rahbar
Occasional Visitor

Re: SSH2 - Algorithm Mismatch HP MSR 3024

Hi,

 

Download the latest version of putty and----- open putty Go to ----ssh then -------Cipher and ----enable check mark of -- --------enable legacy of single DES in ssh2.

 

for proper understand find the attach file

 

 

Rahbar Raza Zaidi

 

 

 

 

 

 

 

 

 

 

 

 

sdarte
Occasional Advisor

Re: SSH2 - Algorithm Mismatch HP MSR 3024

to get the serial number required for the high encryption registration.  type display license device-id and it will give you both the serial number and the device-id.  With this and the part number, you can request the key from the webpage mentioned below.

 

Sue Darte

HP

Apachez-
Trusted Contributor

Re: SSH2 - Algorithm Mismatch HP MSR 3024

Getting a high encryption registration and download the proper firmware (and update) is the way to go.

 

Using DES (aka single des) is almost as bad as if you were using cleartext telnet these days...

Serge1987
Member

Re: SSH2 - Algorithm Mismatch HP MSR 3024

Guys, there seems to be the same problem on HSR series too :( SSH v1 works but v2 gives version mismatch on Linux box, works with Putty though which is no use to me. Any ideas?

DeeKarev
Occasional Visitor

Re: SSH2 - Algorithm Mismatch HP MSR 3024

It seems (according to your username) that HSR router you mention using a .RU software version. Works as designed, alas. 56 bit encryption only => no SSH2.

"Software Release HSR6602_5.20.R3303P30.RU

NOTE: This version of software contains 56 bit encryption capabilities only.  It has been specifically designed to meet regulatory requirements within the Russian Federation.  Customers requiring higher encryption should download the software intended for use in the rest of the world (the filenames do not include .RU)"

Attempting to obtain a software version wich allows normal encryption level and upgrading a router software seems to be the only solution from my point of view.