Welcome to the VanDyke Software Forums

koenv · #1 04-04-2016, 08:20 AM

I was trying to connect to some Cisco switches but was failign with the following error:

Code:

Key exchange failed.
No compatible key exchange method. The server supports these methods: diffie-hellman

And indeed, in SecureCRT the diffie-hellman key exchange is indeed disabled by default. Enabling it fixed my issue but now I'm wondering..
Is there a reason why this is disabled by default? Is it less secure or anything like that? Should I leave is disabled for those sessions that don't require it?

bgagnon · #2 04-05-2016, 11:46 AM

Hi koenv,

The change was implemented in 8.0 Beta 1, and is related to the news surrounding the Logjam vulnerability. The Logjam vulnerability in and of itself is not applicable to SecureCRT (since SecureCRT is not an SSL v3 client), but information from the authors who conducted the associated research indicate that 1024-bit primes are subject to brute-force nation-state cracking and actually mention SSH servers being potentially susceptible (those which enable / use / allow diffie-hellman key exchange with 1024-bit or lesser primes).

See the following articles for more information about the weakness of diffie-hellman, 1024-bit primes, etc.:

https://www.schneier.com/blog/archiv...gjam_and_.html
https://weakdh.org (particularly point #2 which talks of nation-states being able to break a 1024-bit prime).

Because of this new research, diffie-hellman can largely be considered as weak/deprecated much the same way as 3DES and MD5 are now considered weak/deprecated.

For the security-minded professional, diffie-hellman should be left disabled, and only enabled in those rare circumstances where the device to which you are connecting does not support anything newer/stronger/better.

Note: "diffie-hellman" is not the same as "diffie-hellman-group14" (uses the Oakley Group 14 2048-bit prime -- see RFC 3526), which is considered to be more secure than diffie-hellman (uses the Oakley group 2 1024-bit prime -- see RFC 2409).

Then there is "diffie-hellman-group" key exchange in which the client and the server negotiate regarding the size of primes that will be used/allowed during key exchange (see RFC 4419). This "diffie-hellman-group" key exchange method is also considered more secure AS LONG AS the list of primes configured to be used on the server side are > 1024-bits in size. This new information is also why as of version 4.1 of our VShell SSH2 server product, the list of primes available for diffie-hellman-group key exchange no longer include any that are < 1536-bits in size.

theodoxa · #3 09-09-2016, 11:18 AM

We have switches configured for SSH. SecureCRT has no problem with some, but complains about others. The only configuration is specifying SSH on the VTY lines and creating a 1024 bit RSA Key.

Since it is working with some switches with 1024 bit keys, the key size doesn't seem to be the problem. I have noticed that all the problematic switches are slightly older (2960/2960-S/3560 vs. 2960-X/3750-X), so I'm thinking Cisco changed a default setting, but I don't know what it is to change it on the other switches. Does anyone know how to make the switches play nice with SecureCRT?

bgagnon · #4 09-09-2016, 11:59 AM

Hi theodoxa,

What version of SecureCRT are you using?

What is the specific message that you receive?

theodoxa · #5 09-13-2016, 10:23 AM

Quote:

Version 8.0.3 (x64 build 1183) - Official Release - September 8, 2016

Quote:

Key exchange failed.
No compatible key-exchange method. The server supports these methods: diffie-hellman

The diffie-hellman key-exchange method is off by default to address the Logjam
vulnerability. It can be turned on in the Sessions Options dialog in the
Connection/SSH2 category in order to connect to servers that only support
diffie-hellman.

..........

bgagnon · #6 09-13-2016, 12:42 PM

Hi theodoxa,

The solution is contained within the quoted message:

Quote:

The diffie-hellman key-exchange method is off by default to address the Logjam vulnerability. It can be turned on in the Sessions Options dialog in the Connection/SSH2 category in order to connect to servers that only support diffie-hellman.

See attached screenshot showing a default config as of v8.0.x:

If you enable diffie-hellman key exchange, is the issue resolved?