Cisco can't connect to Juniper device via SSH - Invalid modulus length



When it comes to connecting two devices such as a Cisco and a Juniper, one of the most common issues is a misconfigured SSH connection. This is especially true when attempting to connect a Cisco device to a Juniper device, as the two platforms use different SSH implementations. In this article, we’ll look at a specific issue that can occur when connecting a Cisco device to a Juniper device via SSH: an “invalid modulus length” error.

When connecting a Cisco device to a Juniper device via SSH, the SSH protocol requires the devices to negotiate a cryptographic key exchange. During this process, the devices need to agree on a specific cryptographic key size, or modulus length. If the two devices have different modulus sizes, the SSH connection will fail with an “invalid modulus length” error. This can happen if the Cisco device has a modulus size that is too small for the Juniper device, or if the Juniper device has a modulus size that is too large for the Cisco device.

In order to fix this issue, you will need to configure the modulus size on both devices so that they match. On the Cisco device, you can configure the modulus size using the “ip ssh rsa modulus” command. The modulus size should be set to 2048 or 4096 bits, depending on the requirements of the Juniper device. On the Juniper device, the modulus size can be configured using the “ssh rsa modulus” command.

Once both devices have the same modulus size configured, you should be able to connect them via SSH without any issues. If you are still having issues connecting, it is possible that the devices are using different SSH versions. In this case, you will need to configure the devices to use the same SSH version.

In summary, when attempting to connect a Cisco device to a Juniper device via SSH, an “invalid modulus length” error can occur if the modulus sizes of the two devices are different. To fix this issue, you will need to configure the modulus size on both devices so that they match. Once the modulus sizes are the same, you should be able to connect the devices via SSH without any further issues.

Inquire Now

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Find your next full or part-time role here

ScaleDesk can either help you find your next full time gig or a part time side gig where you can create extra income!

Onboard with us once
Skip HR screening and go to the final interview with with only your resume and a video interview you never have to redo
Get paid electronically every month for the hours you work
We will be your reference even if you work for us once

IT Teams: Use ScaleDesk to augment your team

Schedule Demo