View Single Post
Old 02-24-2020, 01:28 PM
bgagnon bgagnon is offline
VanDyke Technical Support
Join Date: Oct 2008
Posts: 4,636
Arrow How-To: Change session configuration to be compatible with Cisco WLC devices

bgagnon: 02-26-2020, 9:54am : I've attached a Python script that should make the host key algorithm change easier.

Are you getting the following error when connecting to Cisco WLC devices?

The server has disconnected with an error. Server message reads:
A protocol error occurred. Bye Bye

If so, you likely need to change the session configuration to prefer a new host key algorithm and use a new key exchange method (available in SecureCRT v7.3 and later).

In the Key exchange grouping in the Connection / SSH2 category of Session Options:
  • Move ecdh-sha2-nistp256 to the top (and make sure it is enabled)

The host key algorithm change is a little complicated. I have added this thread to a feature request to expose this in the GUI.
  • Take note of the config folder location in the General / Configuration Paths category of SecureCRT's Global Options

  • Close all instances of SecureCRT and SecureFX

  • Go to the config folder location, inside the Sessions subfolder locate the session INI for the session you wish to change (or change Default.ini if an ad hoc connection)

  • Make the following edits:
    D:"Use Global Host Key Algorithms"=00000001
    S:"Host Key Algorithms"=ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,null,x509v3-sign-rsa,x509v3-sign-dss,ssh-dss

    D:"Use Global Host Key Algorithms"=00000000
    S:"Host Key Algorithms"=ecdsa-sha2-nistp256,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,null,x509v3-sign-rsa,x509v3-sign-dss,ssh-dss
    NOTE: These two entries should be just one line each (no wrapping). Also, the host key algo string in your session INI may differ as far as content, what is important is to move ecdsa-sha2-nistp256 so it is the very first one after the equal sign. (Be sure to maintain the format of comma-delimited with no space after the comma for the string of algorithms.)

  • Save changes
Attached Files
File Type: txt (9.2 KB, 1115 views)

VanDyke Software
Technical Support
(505) 332-5730

Last edited by bgagnon; 02-26-2020 at 01:51 PM. Reason: Added script option