Submit a ticketCall us

Training ClassSign up for Network Performance Monitor (NPM) and Scalability instructor-led classes

Attend our instructor-led classes, provided by SolarWinds® Academy, to discuss the more advanced monitoring mechanisms available in NPM as well as how to tune your equipment to optimize its polling capabilities. NPM classes offered:
NPM Custom Monitoring and Polling
Orion Platform Scalability

Reserve your seat.

Home > Success Center > Server & Application Monitor (SAM) > SAM - Knowledgebase Articles > Supported SSH Ciphers

Supported SSH Ciphers

Updated March 11th, 2016

Overview

 

An Application monitor that is using the embedded ssh client to connect to a node receives an error: .

 

"Cannot connect to SSH service. Could not negotiate encryption algorithm" 

Environment

 

  • Below is current as of SAM 6.4

Resolution

 

Ensure the Environment allows the following:

 

Supported Ciphers:

  • AES-128-CTR
  • AES-192-CTR
  • AES-256-CTR

 

  • AES-128-CBC
  • AES-192-CBC
  • AES-256-CBC

 

  • 3-DES-CBC

 

Supported MACs:

  • HMAC-SHA1
  • HMAC-SHA-96
  • HMAC-SHA-256
  • HMAC-SHA-512

 

Key Exchange:

  • Diffe-Hellman-Group1-SHA1
  • Diffe-Hellman-Group14-SHA1
  • Diffie-Hellman-Group-Exchange-SHA256
  • Diffie-Hellman-Group-Exchange-SHA1

 

Serge Key Algorithm

  • SSH-RSA
  • SSH-DSS

 

These are required for the embedded SSH monitors to work

Cause 

 

Check if there are disabled protocols in the target device \ environment. It can be common for Compliance, which would prevent the use of these ssh monitors.

 

Not Supported Ciphers:

  • ARC FOUR 256
  • ARC FOUR 128
  • ARC FOUR

 

Not Supported MACs:

  • HMAC-RIPEMD160

 

 

 

Last modified

Tags

Classifications

Public