SSH fails after upgrade from ONTAP 9.7 to 9.8 error: Unsupported KEX algorithm
Applies to
- ONTAP after upgrade to 9.8 and later
- Secure Shell (SSH) management
- Key Exchange (KEX) Algorithm
Issue
- Unable to login to the cluster via SSH - client shows:
ssh_exchange_identification: Connection closed by remote host.
- Messages.log shows:
Mon Nov 09 2020 17:24:19 +01:00 [auth:error] 1 2020-11-09T17:24:19.300385+01:00 node-01 sshd 20346 - - error: Unsupported KEX algorithm "diffie-hellman-group14-sha1"
Mon Nov 09 2020 17:24:21 +01:00 [auth:CRITICAL] 1 2020-11-09T17:24:21.042063+01:00 node-01 sshd 20426 - - fatal: /etc/ssh/sshd_config line 101: Bad SSH2 KexAlgorithms 'diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521'.
- System Manager (HTTPS access) is not affected and works as expected