Monday, October 2, 2017

SSH Error When Trying to Connect to a Switch from MacOS Sierra

I love that MacOS has SSH built right into the terminal.  That really makes it easy to manage switches, routers, and firewalls with no extra software.

I did run into one issue after upgrading to Sierra.  When trying to SSH into some older devices, you may see this:

mac:~ user$ ssh user@old-switch.example.org
Unable to negotiate with old-switch.example.org port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

Of course you'll want to upgrade the operating system on your device as soon as possible, but in the meantime you can do the following to fix the issue:


  • Create a file in your home directory named .profile
  • Put the following line in .profile
alias ssh1='ssh -o Kexalgorithms=+diffie-hellman-group1-sha1'
  • Close your terminal window, then open it back up and should be able to use your new ssh1 command to SSH into your device like this:
ssh1 user@old-switch.example.org



That's it!

Here's the one-liner if you're a lazy typer an efficient typer like me:

echo alias ssh1='ssh -o Kexalgorithms=+diffie-hellman-group1-sha1'> ~/.profile


Posted by at 1 comment:

Mac Spotlight Can't Find Your Applications

Have you ever installed an App or Program on you Mac and then noticed that Spotlight can't find it?

Here's how you can fix this problem:


  • Open Finder and click on Applications (we'll come back to this later).
  • Open System Preferences, click Spotlight, and then click the Privacy tab.
  • Drag the Applications icon from the top of your Finder window into the Privacy tab of the Spotlight System Preferences. 
Note: Sometimes it's a little tricky to drag the icons from the top of a finder window.  Trying holding still over the icon after you click it for just a second before you start dragging it.

  • Now select Applications in the Privacy tab of the Spotlight System Preferences and click the minus sign.

Try spotlight again and it should find your new App!

More information: How to rebuild the Spotlight index on your Mac


Posted by at 2 comments:

Wednesday, December 8, 2010

"Auth Fail" on Cisco VoIP Phone during firmware upgrade / downgrade

I manually changed the firmware version on a Cisco 7965 VoIP phone the other day and ran into a strange error message that turned out to be the result of a typo. When the firmware upgrade screen came up on the phone, the upgrade didn't progress and one of the boxes said "Auth Fail". It turns out that I had accidentally told the 7965 to use the firmware from a 7962/7942 phone.

The firmware for a 7945 or 7965 starts with SCCP45 or SIP45, depending on whether the phone is Skinny or SIP. For example, SCCP45.8-5-3S is the current version of the 7965.

The firmware for a 7942 or 7962 starts with a SCCP42 or SIP42. For example, SCCP42.8-4-3S is the version that was selected for the software downgrade.

The 7965 obviously didn't like the 7942/7962 software, and the "Auth Fail" message was the result.


Models and versions: Cisco CP-7965G VoIP phone with firmware SCCP42.8-5-3S, Cisco Unified Communications Manager (CallManager) 6.1.5.10000-10

WARNING: This worked for me, but there is no guarantee that it will work for you. Please understand what you're doing before you change anything.

Posted by at 8 comments:
Labels: , ,

"Pass Limit" error message on Cisco VoIP Phone

I recently plugged in some Cisco 7962 VoIP phones to upgrade their firmware and prepare them for deployment. After the firmware upgrade, a few of the phones were missing the auto-registered directory number (DN) and there was a "Pass Limit" message at the bottom left corner of the screen.

Solution #2 on this page showed me that the problem was related to unassigned DNs. To resolve the issue, I:
  1. Unplugged the phone
  2. In the Cisco Unified CM Administration site, went to "Device" -> "Phone".
  3. "Find Phone where Device Name begins with SEP". I replaced with the hardware address of the phone that wasn't auto-registering.
  4. Clicked the "Find" button.
  5. Selected the box to the left of the phone.
  6. Clicked "Delete Selected".
  7. Plugged the phone back in and it auto-registered normally.
To prevent this from happening, I should clear out my unassigned DNs periodically:
  1. In the Cisco Unified CM Administration site, go to "Call Routing" -> "Route Plan Report".
  2. "Find Unassigned DN Route Plan Report where Pattern/Directory Number begins with ". just means leave that field blank.
  3. Click the "Find" button.
  4. Click "Delete All Found Items" in the "Route Plan Report" menu bar.
Models and versions: Cisco CP-7962G VoIP phone with firmware SCCP42.8-5-3S, Cisco Unified Communications Manager (CallManager) 6.1.5.10000-10

WARNING: This worked for me, but there is no guarantee that it will work for you. Please understand what you're doing before you change anything.

Posted by at 17 comments:
Labels: , ,
Subscribe to: Posts (Atom)