[6450] SSH(2?) key, KexAlgorithm

[ghost]

Thank you for Brocade ICX Series (cheap & powerful 10gbE/40gbE switching).

Just had some questions about things I had to do that weren't covered by the
guide.

https://fohdeesha.com/docs/icx6xxx-adv.html#optional-key-based-ssh-access

...The default settings of RSA @ 2048 bits works without issue....

This doesn't seem to be the default anymore (at least on Linux):

$ man ssh-keygen
-b    ...For RSA keys, the minimum size is 1024 bits and the default is 3072 bits....

Old SSH server
I also had to convert to SSH2 format or I got this error:

ip ssh pub-key-file tftp TFTP-IP public.key
ERROR: key# 1 must begin with ---- BEGIN SSH2 PUBLIC KEY ----
Error in SSH Public Key file!

Trying to ssh when everything is setup gives:

$ ssh USER@SWITCH-IP
Unable to negotiate with SWITCH-IP port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
$ ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 USER@SWITCH-IP
Unable to negotiate with SWITCH-IP port 22: no matching host key type found. Their offer: ssh-rsa
$ ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-rsa USER@SWITCH-IP
SSH@HOSTNAME>

Adding the changes to ssh/config
Make this persistent by adding something like this to ~/.ssh/config:

Host HOSTNAME
	KexAlgorithms +diffie-hellman-group1-sha1
	HostKeyAlgorithms +ssh-rsa
	Hostname SWITCH-IP

If none of this is wrong I think it should be added to the guide.

[ManoftheSea]

Fixed by #41