No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.

Knowledge Base

The SSH Client Cannot Access the NE40E Due to the Improper Key Length

Publication Date:  2012-07-27  |   Views:  201  |   Downloads:  0  |   Author:  SU1001732184  |   Document ID:  EKB0000399861


Issue Description

The SUN server is used by the customer as the SSH client.
Symptom of the fault:
Configure SSH Server on the NE40E. After the configuration, the SSH client, however, cannot access the NE40E. The following information is displayed:
$ ssh -l client001
ssh_rsa_verify: RSA modulus too small: 512 < minimum 768 bits
key_verify failed for server_host_key 

Alarm Information


Handling Process

Change the key length on the SSH client to 1024 as follows. Then the problem is solved.
[NE40E]rsa local-key-pair create
The key name will be: NE40E_Host
% RSA keys defined for NE40E_Host already exist.
Confirm to replace them? [Y/N]:y
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Input the bits in the modulus[default = 512]:1024
Generating keys...
The following window is displayed after the client successfully logs in to the SSH server:
$ ssh -l client001
client001@’s password:
* All rights reserved (2000-2010) *
* Without the owner’s prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
* Notice: *
* This is a private communication system. *
* Unauthorized access or use may lead to prosecution. *
Info: The max number of VTY users is 20, and the number
of current VTY users on line is 1.

Root Cause

Certain tools have restrictions on the key length. For example, OpenSSH specifies that the key length must be equal to or greater than 768 bits.
When the length of the key generated on the client is smaller than 768 bits (the device takes 512 bits as the default key length), the SSH connection cannot be established.