Welcome to the VanDyke Software Forums

Join the discussion today!

Go Back   VanDyke Software Forums > General


Closed Thread
Thread Tools Display Modes
Old 02-24-2020, 01:28 PM
bgagnon bgagnon is offline
VanDyke Technical Support
Join Date: Oct 2008
Posts: 4,636
Arrow How-To: Change session configuration to be compatible with Cisco WLC devices

bgagnon: 02-26-2020, 9:54am : I've attached a Python script that should make the host key algorithm change easier.

Are you getting the following error when connecting to Cisco WLC devices?

The server has disconnected with an error. Server message reads:
A protocol error occurred. Bye Bye

If so, you likely need to change the session configuration to prefer a new host key algorithm and use a new key exchange method (available in SecureCRT v7.3 and later).

In the Key exchange grouping in the Connection / SSH2 category of Session Options:
  • Move ecdh-sha2-nistp256 to the top (and make sure it is enabled)

The host key algorithm change is a little complicated. I have added this thread to a feature request to expose this in the GUI.
  • Take note of the config folder location in the General / Configuration Paths category of SecureCRT's Global Options

  • Close all instances of SecureCRT and SecureFX

  • Go to the config folder location, inside the Sessions subfolder locate the session INI for the session you wish to change (or change Default.ini if an ad hoc connection)

  • Make the following edits:
    D:"Use Global Host Key Algorithms"=00000001
    S:"Host Key Algorithms"=ssh-rsa,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,null,x509v3-sign-rsa,x509v3-sign-dss,ssh-dss

    D:"Use Global Host Key Algorithms"=00000000
    S:"Host Key Algorithms"=ecdsa-sha2-nistp256,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,null,x509v3-sign-rsa,x509v3-sign-dss,ssh-dss
    NOTE: These two entries should be just one line each (no wrapping). Also, the host key algo string in your session INI may differ as far as content, what is important is to move ecdsa-sha2-nistp256 so it is the very first one after the equal sign. (Be sure to maintain the format of comma-delimited with no space after the comma for the string of algorithms.)

  • Save changes
Attached Files
File Type: txt ReorderHostKeyAlgoOrderingToPreferSpecifiedAlgo.py.txt (9.2 KB, 3665 views)

VanDyke Software
Technical Support
(505) 332-5730

Last edited by bgagnon; 02-26-2020 at 01:51 PM. Reason: Added script option
Closed Thread

cisco wlc , host key algorithm , key exchange algorithm , protocol error

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT -6. The time now is 01:31 AM.