another invalid modulus lengh ?

[d94583]

BOL-DC-RW01#
BOL-DC-RW01#
BOL-DC-RW01#
Jan 14 2013 13:37:59.044: SSH1: starting SSH control process
Jan 14 2013 13:37:59.044: SSH1: sent protocol version id SSH-2.0-Cisco-1.25
Jan 14 2013 13:37:59.080: SSH1: protocol version id is - SSH-2.0-SecureCRT_5.0.5 (build 1078) SecureCRT
Jan 14 2013 13:37:59.080: SSH2 1: SSH2_MSG_KEXINIT sent
Jan 14 2013 13:37:59.080: SSH2 1: SSH2_MSG_KEXINIT received
Jan 14 2013 13:37:59.080: SSH2:kex: client->server enc:aes128-cbc mac:hmac-md5
Jan 14 2013 13:37:59.080: SSH2:kex: server->client enc:aes128-cbc mac:hmac-md5
Jan 14 2013 13:37:59.112: SSH2 1: SSH2_MSG_KEX_DH_GEX_REQUEST received
Jan 14 2013 13:37:59.112: SSH2 1: Range sent by client is - 1024 < 2046 < 2046
Jan 14 2013 13:37:59.112: SSH2 1: Invalid modulus length
Jan 14 2013 13:37:59.212: SSH1: Session disconnected - error 0x00
----

Use putty is fine .

I regen the cisco with both 1024 and 2048, none worked . This is on a 5.0.5 SecureCRT.

Dell

[rtb]

Hi Dell,

Please see the post at the following location:

http://forums.vandyke.com/showpost.p...13&postcount=4

Does this information help you resolve the issue?

[d94583]

I can not find the secure.ini no session ini under SecureCRT folder... where are they ?

Dell

[rtb]

Hi Dell,

The location of the configuration folder obtained from the General category of the Global Options dialog.

The Sessions folder which contains the session .ini files are located in the configuration folder.

Does this help?

[d94583]

SecureCRT - Version 5.0.5 (build 1078)
[LOCAL] : Changing state from STATE_NOT_CONNECTED to STATE_EXPECT_KEX_INIT.
[LOCAL] : Using protocol SSH2
[LOCAL] : RECV : Remote Identifier = "SSH-2.0-Cisco-1.25"
[LOCAL] : CAP : Remote can re-key
[LOCAL] : CAP : Remote sends language in password change requests
[LOCAL] : CAP : Remote sends algorithm name in PK_OK packets
[LOCAL] : CAP : Remote sends algorithm name in public key packets
[LOCAL] : CAP : Remote sends algorithm name in signatures
[LOCAL] : CAP : Remote sends error text in open failure packets
[LOCAL] : CAP : Remote sends name in service accept packets
[LOCAL] : CAP : Remote includes port number in x11 open packets
[LOCAL] : CAP : Remote uses 160 bit keys for SHA1 MAC
[LOCAL] : CAP : Remote supports new diffie-hellman group exchange messages
[LOCAL] : CAP : Remote correctly handles unknown SFTP extensions
[LOCAL] : CAP : Remote correctly encodes OID for gssapi
[LOCAL] : CAP : Remote correctly uses connected addresses in forwarded-tcpip requests
[LOCAL] : GSS : Requesting full delegation
[LOCAL] : GSS : [Kerberos] SPN : host@1.2.3.4
[LOCAL] : GSS : [Kerberos] Disabling gss mechanism
[LOCAL] : GSS : [Kerberos] InitializeSecurityContext() failed.
[LOCAL] : GSS : [Kerberos] The specified target is unknown or unreachable
[LOCAL] : SEND : KEXINIT
[LOCAL] : RECV : Read kexinit
[LOCAL] : Changing state from STATE_EXPECT_KEX_INIT to STATE_KEY_EXCHANGE.
[LOCAL] : Available Remote Kex Methods = diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
[LOCAL] : Selected Kex Method = diffie-hellman-group-exchange-sha1
[LOCAL] : Available Remote Host Key Algos = ssh-rsa
[LOCAL] : Selected Host Key Algo = ssh-rsa
[LOCAL] : Available Remote Send Ciphers = aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
[LOCAL] : Selected Send Cipher = aes128-cbc
[LOCAL] : Available Remote Recv Ciphers = aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
[LOCAL] : Selected Recv Cipher = aes128-cbc
[LOCAL] : Available Remote Send Macs = hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
[LOCAL] : Selected Send Mac = hmac-md5
[LOCAL] : Available Remote Recv Macs = hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
[LOCAL] : Selected Recv Mac = hmac-md5
[LOCAL] : Available Remote Compressors = none
[LOCAL] : Selected Compressor = none
[LOCAL] : Available Remote Decompressors = none
[LOCAL] : Selected Decompressor = none
[LOCAL] : SEND : KEXDH_GEX_REQUEST
[LOCAL] : RECV: TCP/IP close
[LOCAL] : Changing state from STATE_KEY_EXCHANGE to STATE_CLOSED.
[LOCAL] : Connected for 0 seconds, 464 bytes sent, 726 bytes received

[rtb]

Hi Dell,

It doesn't look like you have changed the key exchange algorithm as noted in the post I referenced. Would you make that change and let me know if the problem is resolved?