sshd[14556]: error: kex_exchange_identification in SN2010


After updating Onix version from 3.8.2306 to 3.9.3202 the configuration stopped being collected on both backup systems cBackup and rConfig.

Please help me figure out the problem probably the problem is in the SSH configuration in SN2010.

Thank you in advance for your help!

Log cBackup:

can’t establish SSH connection.

Message: Algorithm negotiation fail

Log rConfig:

CONN Error: Authentication Failed or unable to connect to on port 22

CONN Failure: Unable to connect via SSH to mellanox-sw-sn2010-1-tst - for command (show configuration) when running Router ID 3 - in Error

Log SN2010:

Sep 16 13:03:40 mellanox-sw-sn2010-1-tst sshd[14556]: error: kex_exchange_identification: Connection closed by remote host

Configuration SSH SN2010:

mellanox-sw-sn2010-1-tst [standalone: master] (config) # show ssh server

SSH server configuration:

SSH server enabled: yes

Server security strict mode: yes

Minimum protocol version: 2

TCP forwarding enabled: no

X11 forwarding enabled: no

SSH login timeout: 120

SSH login max attempts: 6

SSH server login record-period: 1

SSH server ports: 22

Interface listen enabled: yes

Listen Interfaces:

No interface configured.

Host Key Finger Prints and Key Lengths:

RSA v2 host key: SHA256:FLDjgmPok/oBf9NWuU+tqg2uhPmMkwiuBymp3TBHXn4 (2048)

DSA v2 host key: SHA256:GYpxCAFnzGI4HNiR/FLFOjdmK70DovN+2A+yK1ZfcUM (1024)

Hi Roman,

As of 3.9.32xx SSH cipher diffie-hellman-group14-sha1is deprecated and was removed from strict SSH ciphers to non-strict ciphers.

So Please make sure that your ssh client in the configuration management system supports other ciphers.

Thank you for helping Eddie.