Home AMX User Forum AMX Control Products
Options

SSH communication

After upgrading the biamp audio processor system, I was unable to establish SSH communication with the nx3200-c controller. I used putty to test the ssh connection of biamp and found it to be normal. I have upgraded the controller to the latest version: master 1.8.183; Device 1.1.50, the controller will prompt: Line 170 2024-05-14 (11:10:42):: CIpSocketManager:: acceptedSocketConnection (ssh) - failed to handshake;
Line 177 2024-05-14 (11:12:06):/usr/sbin/rsyslogd integrity validated Hashes match: 35aff7109e5ce35b3b03702cdf5eeefb7e260a6c890ad76d1f2fb14b1c88216
I have tried to set the user password for the biamp audio processor to log in, but still receive an error message. Is this issue due to the higher level of SSH encryption in the upgraded version of biamp and the lower level of SSH encryption in the amx controller, resulting in handshake issues? Is there any solution to this problem? Can using DUET solve the problem?

Comments

  • Options
    Marc ScheibeinMarc Scheibein Posts: 816

    I saw something similar with the new SVSI N2600 series, when secure control is activated. The N2600 manual states that a SSH is required, but didn't get connected with a similar message.

    Later it was found that the manual is confusing, as like with the other SVSI units, secure control is still done by TLS.

    With the N2600, connection is TLS_CLIENT_OPEN() with the last parameter set to "1", to ignore certificate errors (here in that case, because of the certificates are self signed).

  • Options
    ychych Posts: 34

    I understand what you mean. If there is a handshake error prompt, I should use the tls open API interface. Is it possible? If I continue to use the ssh open API and use a key to connect, have you tested this method?

  • Options
    KielLKielL Posts: 33

    I could not get SSH key exchange to work with Tesira so had to give up and fall back to Telnet. I also tested with a Linux server so I could verify the key exchange works with PuTTY but fails from the NX-2200. On the server end it says "Unable to negotiate...no matching host key type found. Their offer: ssh-rsa,ssh-dss [preauth]" when the NX-2200 tries to connect. The only key I have listed in authorized_keys on the server is an ssh-rsa key.

    I don't know if PuTTYgen is exporting the key into a format the NX-2200 can use, but I'm trying the "Export OpenSSH key" option from the Conversions menu. NetLinx Studio says it loads fine to the NX-2200 in Certificate Manager. We moved the Tesira off the customer network and onto the ICS LAN network so having Telnet open isn't so much of an issue anymore.

    I haven't touched any Muse controllers yet, but I imagine modern SSH works fine on those. But then I wouldn't be writing NetLinx code anyway...

  • Options
    ychych Posts: 34

    Later on, I also used telnet to control biamp. I used Java to test SSH connections and it was normal. If I used duet to build jar packages, it should be feasible because official modules use this method!

Sign In or Register to comment.