Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
High Sierra SSH Issue with Cisco iOS (ssh_dispatch_run_fatal Invalid key length)

Overview

You must connect to your Cisco device from another machine using an earlier version of OpenSSH as the reason for this error is:

  1. The new version of OpenSSH does not support RSA Host Keys less than 1024 bits in length
  2. The switch by default has an RSA Host Key of less than 1024 bits

The solution is as follows:

Step 1. Connect from another device

You can actually get away with (for now) using Bitvise SSH on Windows and enabling the disabled Algorithms, etc. to allow you to connect to the Cisco device.

Step 2. Zeroize

Run the following commands to zeroize and re-generate your host RSA key:

crypto key zeroize
crypto key generate rsa modulus 2048

Step 3. Reconnect from your Mac

Now you should be able to successfully SSH from your Mac.

@jnovack

This comment has been minimized.

Copy link

commented Jun 21, 2018

This is the only post on the internet that saved me. crypto key zeroize was the key (get it?)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.