Skip to content

Instantly share code, notes, and snippets.

@troyfontaine

troyfontaine/README.md

Created February 6, 2018 06:39
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save troyfontaine/1f66c008e9bbafa00b5bec7989bc220e to your computer and use it in GitHub Desktop.
Save troyfontaine/1f66c008e9bbafa00b5bec7989bc220e to your computer and use it in GitHub Desktop.
Download ZIP
High Sierra SSH Issue with Cisco iOS (ssh_dispatch_run_fatal Invalid key length)
Raw
README.md

Overview

You must connect to your Cisco device from another machine using an earlier version of OpenSSH as the reason for this error is:

  1. The new version of OpenSSH does not support RSA Host Keys less than 1024 bits in length
  2. The switch by default has an RSA Host Key of less than 1024 bits

The solution is as follows:

Step 1. Connect from another device

You can actually get away with (for now) using Bitvise SSH on Windows and enabling the disabled Algorithms, etc. to allow you to connect to the Cisco device.

Step 2. Zeroize

Run the following commands to zeroize and re-generate your host RSA key:

crypto key zeroize
crypto key generate rsa modulus 2048

Step 3. Reconnect from your Mac

Now you should be able to successfully SSH from your Mac.

@jnovack
Copy link

jnovack commented Jun 21, 2018

This is the only post on the internet that saved me. crypto key zeroize was the key (get it?)

@ialshaev
Copy link

ialshaev commented Feb 26, 2021
edited

I am very happy that finally I googled this page. This was helpful!
Thank you!
btw it works not only for MAC (I solved same problem on CentOS)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment