Submit a ticketCall us

Get a crash course on Network Monitoring delivered right to your inbox
This free 7-day email course provides a primer to the philosophy, theory, and fundamental concepts involved in IT monitoring. Lessons will explain not only how to perform various monitoring tasks, but why and when you should use them. Sign up now.

Home > Success Center > Server & Application Monitor (SAM) > Supported SSH Ciphers

Supported SSH Ciphers

Updated March 11th, 2016

Overview

 

An Application monitor that is using the embedded ssh client to connect to a node receives an error: .

 

"Cannot connect to SSH service. Could not negotiate encryption algorithm" 

Environment

 

  • Below is current as of SAM 6.4

Resolution

 

Ensure the Environment allows the following:

 

Supported Ciphers:

  • AES-128-CTR
  • AES-192-CTR
  • AES-256-CTR

 

  • AES-128-CBC
  • AES-192-CBC
  • AES-256-CBC

 

  • 3-DES-CBC

 

Supported MACs:

  • HMAC-SHA1
  • HMAC-SHA-96
  • HMAC-SHA-256
  • HMAC-SHA-512

 

Key Exchange:

  • Diffe-Hellman-Group1-SHA1
  • Diffe-Hellman-Group14-SHA1
  • Diffie-Hellman-Group-Exchange-SHA256
  • Diffie-Hellman-Group-Exchange-SHA1

 

Serge Key Algorithm

  • SSH-RSA
  • SSH-DSS

 

These are required for the embedded SSH monitors to work

Cause 

 

Check if there are disabled protocols in the target device \ environment. It can be common for Compliance, which would prevent the use of these ssh monitors.

 

Not Supported Ciphers:

  • ARC FOUR 256
  • ARC FOUR 128
  • ARC FOUR

 

Not Supported MACs:

  • HMAC-RIPEMD160

 

 

 

Last modified
10:23, 1 May 2017

Tags

Classifications

Public