ProLiant Servers (ML,DL,SL)
1748019 Members
4830 Online
108757 Solutions
New Discussion

SOLVED - Cannot SSH into ILO4 v1.40 or v1.50 after upgrading from v1.32

 
SOLVED
Go to solution
dave_336
Occasional Contributor

SOLVED - Cannot SSH into ILO4 v1.40 or v1.50 after upgrading from v1.32

Is anyone else having issues ssh'ing into the ILO interface with ILO4 v1.40 and v1.50?

I can only ssh when I'm downgraded to v1.32.

 

Is there a fix?

 

ILO4 v1.40

$ ssh Administrator@hostname010-oob.04
Received disconnect from 192.168.2.40: 11: Client Disconnect

 

4 REPLIES 4
Suman_1978
HPE Pro

Re: Cannot SSH into ILO4 v1.40 or v1.50 after upgrading from v1.32

Hi,

 

I am not sure about the fix but here are some workarounds you may try.

 

A) Shorten the Host Key Algorithms list. Use one of the following commands:
# ssh -vvv -oHostKeyAlgorithms=ssh-dss Administrator@hostname010-oob.04
# ssh -vvv -oHostKeyAlgorithms=ssh-rsa Administrator@hostname010-oob.04

 

B) Use different version of SSH if possible.

 

Thank You!
I am a HP employee.


I work for HPE.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]

Accept or Kudo

SyntaXT
Advisor

Re: Cannot SSH into ILO4 v1.40 or v1.50 after upgrading from v1.32

I have no trouble at all with putty from windows.

 

login as: Administrator
Administrator@X.X.X.X's password:
User:Administrator logged-in to MYHOSTNAME(X.X.X.X / FE80::A65D:36FF:FEFE:5FC6)
iLO 4 Advanced 1.50 at  May 07 2014
Server Name: MYHOSTNAME
Server Power: On

Based on customer feedback, we will be enhancing the SSH command line
interface in a future release of the iLO 4 firmware.  Our future CLI will
focus on increased usability and improved functionality.  This message is
to provide advance notice of the coming change.  Please see the iLO 4
Release Notes on www.hp.com/go/iLO for additional information.


</>hpiLO->

 

Maybe you SSH key has changed and you have old one and you are conecting with that old one?

 

 

Oscar A. Perez
Honored Contributor
Solution

Re: Cannot SSH into ILO4 v1.40 or v1.50 after upgrading from v1.32

Does your SSH client support Diffie Hellman group 14?

 

In iLO4 v1.40, we enhanced the security of its SSH server by adding support for the DH group 14 for KEX (2048bits).  

If your SSH client doesn't support group 14, you need specify the old group 1 (1024bit) when connecting to iLO SSH server.  This is because iLO 1.40 and later will default to DH group 14 for KEX.

 

Try adding this parameter to your SSH client 

 

-o KexAlgorithms=diffie-hellman-group1-sha1

 

 




__________________________________________________
If you feel this was helpful please click the KUDOS! thumb below!
dave_336
Occasional Contributor

Re: Cannot SSH into ILO4 v1.40 or v1.50 after upgrading from v1.32

Thank you. Adding the additional option to the command line worked.

I will have to look into updating my ssh client.

 

# ssh -o KexAlgorithms=diffie-hellman-group1-sha1 Administrator@hostname
Warning: Permanently added 'hostname,192.168.2.50' (RSA) to the list of known hosts.
Administrator@hostname's password:
User:Administrator logged-in to hostname(192.168.2.50 / ...)
iLO 4 Advanced 1.50 at May 07 2014
Server Name: hostname
Server Power: On