Hi,
I'm attempting to use Config backup using SCP from my 1830 24P ( running version 2.9.1 firmware).
My SCP server is running Debian 12 Bookworm ( amd64).
I get this error on the 1830 Web Interface:
On the Debian server, I get the following errors:
: Unable to negotiate with 10.0.0.12 port 50050: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1 [preauth]
: Unable to negotiate with 10.0.0.12 port 50051: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1 [preauth]
: Unable to negotiate with 10.0.0.12 port 50052: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1 [preauth]
Is there any way to tell the 1830 to use any newer algorithms such as those listed on ssh key-exchange-algorithms ?
Thanks again,
Travis
Update 1: I found a "temporary" "workaround" to allow use of old ciphers / keys on Debian 12.
The workaround allows the backup to occur ; so I'm happy :)
In "/etc/ssh/sshd_config" :
# uncomment the following lines:
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
# add end of the file add:
KexAlgorithms diffie-hellman-group1-sha1,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
Ciphers +aes128-cbc
HostKeyAlgorithms ssh-rsa,ssh-dss
PubkeyAcceptedKeyTypes ssh-rsa,ssh-dss
# ----
# save the file and restart ssh server with:
sudo systemctl restart ssh
Result:
SCP backup works!
------------------------------
Travis Thorne
------------------------------