Skip to main content

Does anyone else face an issue with not being able to SSH from Password Safe to network devices running Cisco ISE after an update to Cisco ISE 17.10+?

The reason is that from that version onwards, Cisco ISE only supports hmac-sha2-256-etm@openssh.com & hmac-sha2-512-etm@openssh.com as default MAC algorithms, which are not supported by Password Safe. The devices are running in a special SD-WAN controller mode where it is not possible to enable additional algorithms.

It would be interesting to know if anyone has been in a similar situation and how the problem could be resolved.

Hello,

 

Please review the following articles:

 

Supported KEX Cipher, Host Key Algorithm, Encryption Cipher, and MAC Cipher IDs KB0021040

 

ERROR: SSH client: No matching key exchange algorithm found - No matching cipher found - No matching MAC algorithm found
KB0017016

 

Please let us know if this resolves the issue. 

Hi!

I faced a similar issue a time ago. In my case we faced the issue after a fortinet upgrade. We fixed the issue adding a new registry key and after reboot appliances.

 

Try with BeyondInsight / Password Safe - ERROR: SSH client: No matching key exchange algorithm found - No matching cipher found - No matching MAC algorithm found (service-now.com)

Reply


Badge Earners

  • BCIE: Privileged Remote Access
    Bruceyhas earned the badge BCIE: Privileged Remote Access
  • BCIE: Remote Support
    Bruceyhas earned the badge BCIE: Remote Support
  • BCA: Privileged Remote Access
    linehas earned the badge BCA: Privileged Remote Access
  • BCA: Password Safe
    linehas earned the badge BCA: Password Safe
  • BCA: Password Safe
    MedBouhas earned the badge BCA: Password Safe
Show all badges
Terms & ConditionsCookie settings