ssh to Cisco 3750

Symptom

After updating to IOS (C3750-IPSERVICESK9-M), Version 12.2(46)SE, my Ubuntu 18.04 based desktop fails to connect with ssh:-

$ ssh -l admin 192.168.1.5
Unable to negotiate with 192.168.1.5 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
$

After trying to offer diffie-hellman, it then failed to match a cipher with:-

$ ssh -l admin -oHostKeyAlgorithms=+ssh-dss -oKexAlgorithms=+diffie-hellman-group1-sha1 192.168.1.2          
Unable to negotiate with 192.168.1.2 port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
$

Solution

This problem is caused by the switch not supporting the latest cipher versions. Earlier ciphers are now considered weak, so the client end has to be downgraded to match what the switch offers. A later IOS, if one exists, might support later ciphers, making this page obsolete, but I think I'm on the latest IOS for this switch already.

Adding these settings to my ~/.ssh/config file made it work. Note that you can list multiple hosts in one “Host” declaration, and you can add several parameters to each block too:-

Host 3750-1 3750-2
    KexAlgorithms +diffie-hellman-group1-sha1
    Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc

Voila!

~$ ssh -l admin 3750-2

Password: 

Welcome to 3750-2
Session established to 3750-2 on line 1
3750-2>
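
The same fix generated from the error text, as an added example that is not part of the original page: the script reads OpenSSH "Unable to negotiate" lines and prints a Host-scoped stanza that enables one legacy algorithm per category with `+`, so the client's default algorithms stay enabled and other hosts are unaffected. The function names, the preference orders and the host-key case (which goes beyond the two errors shown above) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original page): build a Host-scoped ssh_config
# stanza from OpenSSH "Unable to negotiate" errors, enabling one legacy
# algorithm per category instead of everything the switch offers.

# pick_one "<preference list, best first>" "<comma-separated offer>"
# Prints the first preferred name present in the offer, else the offer's
# first entry. The preference orders used below are this example's assumption.
pick_one() {
    for want in $1; do
        case ",$2," in *",$want,"*) printf '%s\n' "$want"; return 0 ;; esac
    done
    printf '%s\n' "${2%%,*}"
}

# legacy_stanza "<host aliases>"   (reads ssh error lines on stdin)
legacy_stanza() {
    kex="" cipher="" hostkey=""
    while IFS= read -r line; do
        # Only lines that report the server's offer are of interest.
        case "$line" in *"Their offer: "*) ;; *) continue ;; esac
        offer=${line##*Their offer: }
        case "$line" in
            *"no matching key exchange method found"*)
                kex=$(pick_one "diffie-hellman-group14-sha1 diffie-hellman-group1-sha1" "$offer") ;;
            *"no matching cipher found"*)
                cipher=$(pick_one "aes256-cbc aes192-cbc aes128-cbc 3des-cbc" "$offer") ;;
            *"no matching host key type found"*)
                hostkey=$(pick_one "ssh-rsa ssh-dss" "$offer") ;;
        esac
    done
    [ -n "$kex$cipher$hostkey" ] || return 1   # no negotiation error seen
    printf 'Host %s\n' "$1"
    [ -z "$kex" ]     || printf '    KexAlgorithms +%s\n' "$kex"
    [ -z "$hostkey" ] || printf '    HostKeyAlgorithms +%s\n' "$hostkey"
    [ -z "$cipher" ]  || printf '    Ciphers +%s\n' "$cipher"
}

# Constructed sample input: the two error lines quoted on this page.
SAMPLE='Unable to negotiate with 192.168.1.5 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
Unable to negotiate with 192.168.1.2 port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc'

printf '%s\n' "$SAMPLE" | legacy_stanza "3750-1 3750-2"
```

Feed it the error output of the failing ssh attempts and review the printed stanza before adding it to ~/.ssh/config.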
 
networking/cisco-3750-ssh.txt · Last modified: 21/02/2020 10:37 by 127.0.0.1