Tag: cisco

Legacy SSH key exchange workaround

Cisco switches sometimes last longer than their cryptographic algorithms. You can fix this by purchasing a new switch (dah) or by enabling the old, and most likely weak, key exchange algorithm for the affected hosts in ~/.ssh/config. If that didn’t help and you get something like this: Then, the simplest workaround is to globally enable…

August 16, 2024
Cisco Catalyst slow SCP fix

Cisco released the following command in IOS-XE 17.2.6. This essentially increases the window-size for SCP which allows for more throughput – and it is very noticeable: an IOS-XE image is around 1.2 GB, and this new command makes SCP go from hours to minutes. Here is an Ansible example showing how to utilize this new…

July 23, 2024

Legacy SSH key exchange workaround