Fortinet Community

StevenT · ‎10-01-2023

Hi,

Recently I upgraded FG401E firmware to 7.2.5.

But i tried to connect SSH via FGT CLI, it had this error.

FGT-FW1# exec ssh usercisco@192.168.0.234
Unable to negotiate with 192.168.0.234: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1

Anyone had this issue before?

dbu · ‎10-01-2023

Hi @StevenT ,

It looks like the key exchange method is not matching between both sides.
Please have a look on how to fix it :

https://community.fortinet.com/t5/FortiGate/Technical-Tip-No-matching-key-exchange-found/ta-p/273990

https://community.fortinet.com/t5/FortiGate/Technical-Tip-SSH-key-exchange-troubleshooting/ta-p/1943...

Regards!

Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.

View solution in original post

dbu · ‎10-01-2023

Hi @StevenT ,

It looks like the key exchange method is not matching between both sides.
Please have a look on how to fix it :

https://community.fortinet.com/t5/FortiGate/Technical-Tip-No-matching-key-exchange-found/ta-p/273990

https://community.fortinet.com/t5/FortiGate/Technical-Tip-SSH-key-exchange-troubleshooting/ta-p/1943...

Regards!

Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.

Fortinet Community

After firmware upgrade, could not access other device via SSH in FGT CLI