From owner-freebsd-ports@FreeBSD.ORG  Wed Jan 14 16:34:12 2015
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 06436E0F
 for <freebsd-ports@freebsd.org>; Wed, 14 Jan 2015 16:34:12 +0000 (UTC)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21])
 (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 90A1A9BE
 for <freebsd-ports@freebsd.org>; Wed, 14 Jan 2015 16:34:11 +0000 (UTC)
Received: from [10.6.25.100] ([213.61.170.110]) by mail.gmx.com (mrgmx101)
 with ESMTPSA (Nemesis) id 0LqV4f-1XXxP91IQ5-00e4V7; Wed, 14 Jan 2015 17:34:02
 +0100
Message-ID: <54B69A79.3020409@gmx.de>
Date: Wed, 14 Jan 2015 17:34:01 +0100
From: olli hauer <ohauer@gmx.de>
User-Agent: Mozilla/5.0 (Windows NT 5.1;
 rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: =?UTF-8?B?TWFya28gQ3VwYcSH?= <marko.cupac@mimar.rs>, 
 freebsd-ports@freebsd.org
Subject: Re: net-mgmt/rancid and cisco ssh  kexagorhitms
References: <20150114153511.8ed616814cfc49ed21826e28@mimar.rs>
In-Reply-To: <20150114153511.8ed616814cfc49ed21826e28@mimar.rs>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Provags-ID: V03:K0:mKHl0jQLjfzxpyv+vo68H0P7KtYtS6bQ7OdsFXU022ZRBXe2dUG
 twahWPxLZRoJJ9sF5pqlTuLEDMxfhW/Td0H3pwyE7pnK/MymgmaWY2iHMfHnLiHOaeJuMSI
 OE7GZhNN6p4GOHK2RnKUN3TyXHIlbPq0RO+pnWtYjEBg4e7iIaUsY+AGXb7QeAn8ZgvO7+a
 ziYDvIg00EFMEsvqhxnOg==
X-UI-Out-Filterresults: notjunk:1;
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jan 2015 16:34:12 -0000

On 2015-01-14 15:35, Marko Cupać wrote:
> Hi,
> 
> as of FreeBSD 9.3, it is not possible to ssh into some cisco routers
> (namely 1921 and 3925 in my case), unless option -o KexAlgorithms=
> diffie-hellman-group14-sha1 is specified. Probably, as a consequence,
> rancid stopped working for these routers since I upgraded OS on which
> it is installed to 9.3.
> 
> How can I make this work again?
> 
> Thank you in advance,
> 

I had the same issue but there is a simple solution:

$ cat ~rancid/.ssh/config
host host1 host2 host3 IP1 IP2 ...
        KexAlgorithms diffie-hellman-group14-sha1


-- 
HTH,
olli