SSH Shell error after RDM update
Disabled
Hi
I now have v2019.1.32.0 of RMD Free which I have updated and I don't know which version I was using before. I have a few SSH Shell items that were working fine in the previous version but have stopped working now.
SSH Shells use certificate files to connect and I get error message like "The entry's public key doesn't match the server's key". But I can connect to the same servers with the same key file using power shell.
The previous version only had a "Private Key" tab in the properties window where I defined the file key. The new version has this "Set public key" button under the host address in the properties window alongside the Private Key tab. And I should use it because otherwise it will always ask for a password.
How can I fix this?
All Comments (15)
Hello,
Thank you for contacting support departments, in the meantime we are doing the diagnostic could you test this workaround: enable *Legacy Terminal* under *File > Options > Types > Terminal > Advanced* .
For the issue could you please send us your logs?
https://devolutions.atlassian.net/servicedesk/customer/portal/1/topic/dddd3564-78f7-4943-941e-45d9117806be/article/608731251
Best regards,
David Grandolfo
I'm sorry but no luck.
I get the same response again
Hello,
Thanks for the test, if the legacy mode does not work this mean the issue is not related to our new SSH engine but something else.
Unfortunately we haven't received the logs, could you please tell me if you sent them by email at ticket@devolutions.net or somewhere else?
Regards,
David Grandolfo
Hi, We got the same error in the update 2020.3.23.0 64bit
When using your advice to change to legacy it works.
The following error does occur:
Best regards,
Kaj Graficom
2020-12-21 09_55_45-rdp mngmt server graficom man management full - 10.100.2.141 - Remote Desktop .png
Hello Kaj,
Thank you for reaching out to Devolutions Support.
The error you have encountered is a slightly different one, first introduced following a change we did in RDM RDM 2020.3.12.0. Starting with this version, SSH Shell no longer enabled unsecured algorithms by default.
The simple way to resolve this is to go into your entry's Properties, go to the Advanced tab and find the "Algorithm support" field. You will need to set it to "Custom" then press the "..." button and check all algorithms in all sections. (Cipher, Host key, Kex, and MAC)
For more information on the subject, as well as the procedure to apply this solution globally instead of on specific entries, I invite you to consult our knowledge base article on the topic :
https://kb.devolutions.net/rdm_ssh_algorithm_support.html
Best regards,
Gabriel Degrandpré
So we need to change all the SSH entries?
Best regards,
Kaj Graficom
Okay that works, but it is not something we want! Is there an option to force this for everyone?
Best regards,
Kaj Graficom
Hello,
As mentioned in the help topic, it's also possible to globally reactivate all the algorithms by using the File - Options - Types - Terminal - Algorithm support menu.
Best regards,
Gabriel Degrandpré
Hello,
I saw that but we have more then one user.. We want to enable this through datasource our something.
Best regards,
Kaj Graficom
Hello Kaj,
You can modify multiple SSH entry at the same time, you simply need to select all the SSH entries in RDM, do a right-click, Edit, Edit (special Actions)
Select Custom PowerShell Command:
Enter the following script and press ok:
$Connection.Terminal.AlgorithmSupportMode = "Custom" $Connection.Terminal.SshAlgorithmCipherList = "aes256-gcm@openssh.com=True;aes128-gcm@openssh.com=True;aes128-cbc=True;aes192-cbc=True;aes256-cbc=True;rijndael-cbc@lysator.liu.se=True;3des-cbc=True" $Connection.Terminal.SshAlgorithmHostKeyList = "ssh-dss=True" $Connection.Terminal.SshAlgorithmKexList = "diffie-hellman-group14-sha1=True;diffie-hellman-group-exchange-sha1=True;diffie-hellman-group1-sha1=True" $Connection.Terminal.SshAlgorithmMaclist = "hmac-sha1-96=True;hmac-sha1=True;hmac-md5-96=True;hmac-md5=True" $RDM.Save();
You should then be able to connect normally to your SSH connections.
Best regards,
Richard Boisvert
What can we do to fix this so RDM can connect to an SSH session(switch)?
Best regards,
Kaj Graficom
Thank you we will do this
Hello Kaj,
You can modify multiple SSH entry at the same time, you simply need to select all the SSH entries in RDM, do a right-click, Edit, Edit (special Actions)
Select Custom PowerShell Command:
Enter the following script and press ok:
$Connection.Terminal.AlgorithmSupportMode = "Custom" $Connection.Terminal.SshAlgorithmCipherList = "aes256-gcm@openssh.com=True;aes128-gcm@openssh.com=True;aes128-cbc=True;aes192-cbc=True;aes256-cbc=True;rijndael-cbc@lysator.liu.se=True;3des-cbc=True" $Connection.Terminal.SshAlgorithmHostKeyList = "ssh-dss=True" $Connection.Terminal.SshAlgorithmKexList = "diffie-hellman-group14-sha1=True;diffie-hellman-group-exchange-sha1=True;diffie-hellman-group1-sha1=True" $Connection.Terminal.SshAlgorithmMaclist = "hmac-sha1-96=True;hmac-sha1=True;hmac-md5-96=True;hmac-md5=True" $RDM.Save();
You should then be able to connect normally to your SSH connections.
Best regards,
Best regards,
Kaj Graficom
Hello Kaj,
My pleasure, let us know if you encounter any issue after running the script.
Best regards,
Richard Boisvert
Hello Kaj,
My pleasure, let us know if you encounter any issue after running the script.
Best regards,
Do you know how we can fix the switches, so RDM does not need to be modified?
Best regards,
Kaj Graficom
Hello Jan,
The change was made for security reasons, independent of the remote device you are connecting to.
If it is impossible to change the algorithm used for the ssh session you are connecting to, we recommend creating a template, and create new entries from it. For more information on templates, you can refer to our online help:
https://help.remotedesktopmanager.com/commands_creatingtemplates.html
Best regards,
Richard Boisvert