2 Replies Latest reply on Sep 7, 2017 6:37 PM by farhankhan

    NCM 7.6 SSH problem with Alcatel DSLAMS and OLTs

    farhankhan

      Guys

      I have spent 3 days to figure it out what was the problem as of now dont have time to share all the details with out knowing that some one would really need it or now just give me a yell if some buddy is facing the same problem and ill figure out some time to post the solution details.

        • Re: NCM 7.6 SSH problem with Alcatel DSLAMS and OLTs
          sja

          Hi

           

          Well you call  support or share what the problem..

           

          I have NO problem with those type

           

          ISAM 7360 that run the TiMOS (SROS)

           

          I just use that template make sure that NCM server /poller can ping and SNMP and SSH to the DSLAM.

           

          Allow Terminal Server Support:

           

            • Re: NCM 7.6 SSH problem with Alcatel DSLAMS and OLTs
              farhankhan

              Hi Mate ,

               

              Ok ! let me explain ....

               

              The problem is with NCM's new version (7.6) when you have dis-hmac-sha-1 configured with SSH profile of ISAM / Micronodes / MX-6s (aka ISAM 7363) or ISAM 7330s FTTN .  (However ESS 7450 , 7210 SAS-E /D/S or 7750 SR families are working fine)

              Technical Reason: The current NCM supports 1024 bits  key sizes since it is using diffie-hellman-group-exchange-sha1 and diffie-hellman-group1-sha1 when using SSH.

               

               

              The following list of ciphers is supported right now:

              aes128-ctr,aes128-gcm@openssh.com

              aes128-cbc

              chacha20-poly1305@openssh.com

              3des-cbc,blowfish-cbc

              aes192-ctr,aes192-cbc

              aes256-gcm@openssh.com

              aes256-ctr

              aes256-cbc

              rijndael128-cbc

              rijndael192-cbc

              rijndael256-cbc

              rijndael-cbc@lysator.liu.se

              cast128-cbc

               

              So as of now the solution is to remove dis-mac-sha-1 from node or downgrade the NCM to 7.6 & NPM to 12.0.1

               

               

              Thanks for the suggestion, support is already looking into this matter to addressed my ticket hope they will come back quickly with solution like always