Guest

Preview Tool

Cisco Bug: CSCut28334 - SSH keysize issue in PI 2.2

Last Modified

Sep 27, 2018

Products (1)

  • Cisco Prime Infrastructure

Known Affected Releases

2.1(0.0) 2.2(0.0.69)

Description (partial)

Symptom:
Prime Infrastructure may fail to correctly sync to a number of IOS devices that have "ip ssh dh min size 2048" configured.  In effected devices, the following message may be displayed:

%SSH-3-DH_RANGE_FAIL: Client DH key range mismatch with minimum configured DH key on server

Conditions:
This is most commonly seen on 892, 1811 and 2811 routers, as well as 6500 series switches.

Related Community Discussions

<key>CSCut28334</key> - SSH keysize issue in PI 2.2
Hello!   For Catalyst9300, default is 2048, and cannot bring it lower. Any ideas how to make prime compatible with Catalyst9300? ----------------- sw-c93(config)#ip ssh dh min size ?   2048  Diffie Group 14 2048-bit key   4096  Diffie Group 16 4096-bit key ----------------- Thanks, Antal
Latest activity: May 17, 2018
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.