I have a Cisco Disaster Recovery system that was working ok until i updated Ubuntu and it began failing. Due to a potential issue with the upgrade i chose to build a new SFTP server on Ubuntu 20.04 LTS, the version that was previously working.
I have configured a basic openssh sftp server but i cant get the Cisco device to connect. I can open an sftp session from the server with the cisco creds. If i try to open the same connection using a forced KEX for diffie-hellman-group1-sha1 it fails and says it isnt offered.
I know i need to add older ciphers and KexAlgorithms but when i try to add them to the sshd_config file and restart the ssh service it fails to restart until i remove the added lines. The lines added to teh sshd_config were:
Ciphers aes128-cbc
KexAlgorithms diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
I am not a linux/openssh guy but i have gotten this working in the past and am not sure why i am stuck. any ideas?
Ok, friend showed me how to get more debug info and when comparing what was working vs what was not w realized i had transposed exchange-group for group-exchange. All seems well now, thanks