This is due to changes in the supported encryption methods in the updated IOS's and ASA softwares. in your .cloginrc you will want to add a line:
add cyphertype <device> {encryption method} you can find an encryption method your systems are happy with by doing the following: ssh -vv <device> [...] debug2: mac_setup: found hmac-sha1 debug1: kex: server->client aes128-ctr hmac-sha1 none debug2: mac_setup: found hmac-sha1 debug1: kex: client->server aes128ctr hmac-sha1 none [...] with my ASA's i use {aes256-ctr}. james On Mon, Mar 5, 2018 at 6:48 AM, Piegorsch, Weylin William <wey...@bu.edu> wrote: > Hello, > > > > I have a Cisco ASA 5506X device I just deployed (running 9.8(2)20 > version), that rancid’s not logging into properly. Clogincrc is set to > method {telnet ssh} because there’s a plethora of really really old devices > that hang when I try the other way around (and we haven’t been funded to > refresh them nor authorized to remove them). > > > > Here’s what rancid shows: > > > > [rancid@nsgv-prod-59 ~]$ rancid -V > > rancid 3.4.1 > > [rancid@nsgv-prod-59 ~]$ > > [rancid@nsgv-prod-59 ~]$ > > [rancid@nsgv-prod-59 ~]$ > > [rancid@nsgv-prod-59 ~]$ clogin xxxxxxxxxx > > xxxxxxxxxx > > spawn telnet xxxxxxxxxx > > Trying yyyyyyy... > > telnet: connect to address yyyyyyy: Connection refused > > spawn ssh -2 -c > aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc > -x -l rancid xxxxxxxxxx > > > > +------------------------------------+ > > | BOSTON UNIVERSITY | > > +------------------------------------+ > > | !! WARNING !! | > > | AUTHORIZED ACCESS ONLY! | > > | Access to this system is permitted | > > | for authorized persons only. All | > > | connections are logged and | > > | monitored. By accessing this | > > | system, you acknowledge that use | > > | of this and any other technology | > > | at Boston University is subject to | > > | the terms of the Boston University | > > | Conditions of Use and Policy on | > > | Computing Ethics; please see: | > > | http://www.bu.edu/computing/ethics | > > | for details. | > > +------------------------------------+ > > > > rancid@xxxxxxxxxx 's password: > > User rancid logged in to xxxxxxxxxx > > Logins over the last 2 days: 12. Last login: 08:39:20 EST Mar 5 2018 > from zzzzzzz > > Failed logins since the last login: 0. > > Type help or '?' for a list of available commands. > > xxxxxxxxxx/pri/act> rancid > > ^ > > ERROR: % Invalid input detected at '^' marker. > > xxxxxxxxxx/pri/act> en > > Error: Unrecognized command, check your enable command > > able > > Password: > > Password: > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss@shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss >
_______________________________________________ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss