I recently noticed when on-boarding a Catalyst switch on 17.6 and 17.9 code that I'm getting tons of the following log messages:
ssh public-key algorithm compliance violation detected.kindly note that weaker public-key algorithm 'ssh-rsa' will be disabled by-default in the upcoming releases.please configure more stronger pk algorithms to avoid service impact.
I know I can suppress these messages in the logs but I was wondering if there is a better way or if there is a roadmap item as to when ssh-rsa will be removed on the Meraki dashboard side and replaced with something else in the future so we don't have to suppress these messages.
Used this command to remove the annoying logs from the buffer logging discriminator MERAKI mnemonics drops SSH_COMPLIANCE_VIOLATION_PK_ALGO msg-body drops (Login Success.*meraki-user|User meraki-user has exited)
After upgrading my 9300 to 17.6.5 I had issues with DMI and netconf
Apr 26 05:42:49.816: %DMI-5-SYNC_START: Switch 1 R0/0: dmiauthd: Synchronization of the running configuration to the NETCONF running data store has started.
Apr 26 05:43:02.472: %DMI-3-SYNC_ERR: Switch 1 R0/0: dmiauthd: An attempt to synchronize the running configuration to the NETCONF running data store has failed:
Apr 26 05:43:02.472: %DMI-3-DMI_DEGRADED: Switch 1 R0/0: dmiauthd: The dmi infra is operating in degraded mode. Most synchronizations from IOS to NETCONF datastore will not be performed
CORE(config)#do show platform software yang process state
Confd Status: Started
Process Status State
nesd Running Active
syncfd Running Active (degraded)
I opened a case with meraki support and they suggested that I remove my descrimanator.
It solved the netconf error. But now my logs are filled with the Deprecation warning message again. Any other solution ? Any idea when meraki will stop using ssh-rsa ?