I built a CLI shortcut to ssh the config over to an Ubuntu box (with an SMB share mounted to the user home directory).
cli alias name archive copy startup-config scp://sw-backup@1.1.1.3//home/sw-backup/Cisco/Switch/Nexus/NexusB vrf default
This is so I can easily push my config out to a Windows file server via the "SSH gateway" box. I tried some freebie and Trial SSH Server software on Windows and had too many reliability issues. That was resolved with the Linux box in the middle. It's been stable for quite some time.
I copy files over to this server from all of our routers, switches and Call Manager backups.
I recently updated Nexus to version 7.1(4)N1(1). Now when I attempt to copy I receive an error:
nnn-nexus-b# archive
No matching ciphers found. Client (10.130.9.35) supported ciphers :
aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.
se .Server supported ciphers : chacha20-poly1305@openssh.com,aes128
-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openss
h.com
lost connection
nnn-nexus-b#
I found the following that looks promising:
The above link references the SSH Server on the Nexus. I'm reaching out to an Ubuntu 16.04.1 LTS machine. I can't enable the bash shell feature on the 5548UP. I'm guessing I can disable the weak ciphers on Ubuntu.
Here lies the problem. Call Manager backups, IOS and IOS-XE devices are still using the weak cipher if I understand what's going on correctly. If I change the Ubuntu box, I'll break all of these.
What are some thoughts on how to work around this?
Thanks, B-Dog
