What do the event log message SSH "Protocol major versions differ" and "no hostkey alg" mean?

book

Article ID: 167232

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

You found similar Event log alert as below:

2014-08-06 22:52:53-00:00UTC  "Protocol major versions differ for 10.104.41.11: SSH-2.0-OpenSSH_5.6 vs. SSH-1.5-Nmap-SSH1-Hostkey"  0 45000C:96   sgos_log.cpp:115   
2014-08-06 22:52:54-00:00UTC  "no hostkey alg"  0 45000B:1   sgos_log.cpp:115 

Explanation:
These messages mean the SSH client's major version (the first number) is different from the version supported by the proxy. SSH 2.x is not compatible with SSH 1.x.

The proxy will reject the connection from a different version SSH client and will log the above messages in the event log.
To address this, you need to specify the version by appending a -2 in the command line when connecting the SSH client to the proxy. 

Here is an example:
> ssh -ladmin 10.1.2.3 -2

Alternatively, you may enable SSH version 1 by running below command under 

CLI:
SGOS#(config)ssh-console
SGOS#(config ssh-console)create host-keypair sshv1
SGOS#(config ssh-console)view host-public-key sshv1

notes: It is recommended to use SSHv2 as it is more secure than the SSHv1