Score:0

Connection reset by 10.180.20.1 port 22

Using a CentOS 7.9.2009 server, I'm trying to connect over SSH v1, using a client with v2, to a Cisco router that has SSH v1 (it can't be upgraded, I'll say that up front). I then modified my ssh_config file to allow v1 of SSH by changing the value of the #Protocol 2 line to Protocol 2,1.

When I try to connect, I get this error, which is not very informative:

ssh test@10.180.20.1 -vvv
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug2: resolving "10.180.20.1" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 10.180.20.1 [10.180.20.1] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/audit/.ssh/identity type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/audit/.ssh/identity-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/audit/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/audit/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/audit/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/audit/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/audit/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/audit/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/audit/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/audit/.ssh/id_ed25519-cert type -1
debug1: Remote protocol version 1.5, remote software version Cisco-1.25
debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x60000000
debug1: Local version string SSH-1.5-OpenSSH_7.4
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 10.180.20.1:22 as 'test'
debug1: Waiting for server public key.
Connection reset by 10.180.20.1 port 22

If anyone has ideas on what kind of troubleshooting to do to figure out where the problem is, thank you in advance. Keep in mind that at the moment I don't have access to that router; I can do the tests on the CentOS machine, to which I have access.

I also tried to connect specifying version 1: ssh -v1 test@10.180.20.1 -vvv

Score:2

Too long for a comment. In general:

Debugging server issues is not (only) done from the client side. Don't only report on client-side issues (the ssh -vvv output); also show relevant server configuration and settings, server logs and/or error messages. In other words: "what is your Cisco device telling you?"

A random manual from Cisco, https://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell-ssh/4145-ssh.html, suggests show ssh, show ip ssh and show crypto key mypubkey rsa as first debugging steps on the router.

When you say: "I then modified my ssh_config file", I wonder why you changed the global configuration /etc/ssh/ssh_config rather than making the modifications in your personal ~/.ssh/config, which would be the typical thing to do.

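#  For example ~/.ssh/config
#  Use custom settings when connecting to 10.180.20.1 from: https://serverfault.com/a/1125849/37681

Host 10.180.20.1
  KexAlgorithms +diffie-hellman-group14-sha1
  MACs +hmac-sha1
  HostKeyAlgorithms +ssh-rsa
  # PubkeyAcceptedAlgorithms is the OpenSSH 8.5+ name for PubkeyAcceptedKeyTypes;
  # a client older than 8.5 rejects the newer name as a bad configuration option
  PubkeyAcceptedKeyTypes +ssh-rsa
  PubkeyAcceptedAlgorithms +ssh-rsa
  Protocol 2,1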

I guess the fact that your client b0rks after:

debug1: Waiting for server public key.

is the relevant debug message: that suggests that your client isn't receiving a server public key.

My first guess is that you omitted to properly configure the Cisco device and didn't generate the proper ssh keys.
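
As an added example (not part of the answer above, and not OpenSSH tooling), a small Python helper that reads `ssh -vvv` output and reports which protocol versions the server's banner advertises and the last client-side milestone reached before the connection dropped. The function names and stage labels are hypothetical; the sample is an excerpt of the log in the question.

```python
import re

# Client-side milestones, using the debug strings that appear in the question's
# output, in the order OpenSSH 7.4 printed them there. Labels are hypothetical.
STAGES = [
    ("tcp_connected", "debug1: Connection established"),
    ("server_banner_read", "debug1: Remote protocol version"),
    ("client_banner_sent", "debug1: Local version string"),
    ("waiting_for_server_key", "debug1: Waiting for server public key"),
]
BANNER = re.compile(r"Remote protocol version (\d+\.\d+), remote software version (\S+)")
FAILURE = re.compile(r"^Connection (?:reset|closed) by .*$", re.M)

def server_protocols(version):
    """Map the version in the server's banner to the SSH protocols it speaks."""
    if version == "1.99":  # RFC 4253, section 5.1: SSH-2 server that also accepts SSH-1
        return {1, 2}
    return {2} if version.startswith("2.") else {1}

def diagnose(log_text):
    """Summarise where an `ssh -vvv` run stopped."""
    result = {"last_stage": None, "server_version": None,
              "server_software": None, "protocols": set(), "failure": None}
    for line in log_text.splitlines():
        for name, marker in STAGES:
            if line.startswith(marker):
                result["last_stage"] = name
    banner = BANNER.search(log_text)
    if banner:
        result["server_version"], result["server_software"] = banner.groups()
        result["protocols"] = server_protocols(banner.group(1))
    failure = FAILURE.search(log_text)
    if failure:
        result["failure"] = failure.group(0)
    return result

# Excerpt of the debug output quoted in the question.
SAMPLE = """\
debug1: Connection established.
debug1: Remote protocol version 1.5, remote software version Cisco-1.25
debug1: Local version string SSH-1.5-OpenSSH_7.4
debug1: Authenticating to 10.180.20.1:22 as 'test'
debug1: Waiting for server public key.
Connection reset by 10.180.20.1 port 22
"""

if __name__ == "__main__":
    for key, value in diagnose(SAMPLE).items():
        print(f"{key}: {value}")
```

For the question's log this reports an SSH-1-only server (banner version 1.5) and a reset while the client was waiting for the server's public key, which is the point the answer singles out.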
