Login SSH para o switch Cisco usando chave pública - erro de protocolo, digite 60

Eu emiti um problema estranho ao tentar conectar do sistema Debian ao Cisco C2960 via SSH usando chaves públicas.

Eu gerou chaves no meu cliente Windows XShell (RSA, 1024 bits). Depois eu exportei a chave para o arquivo no formato PEM e enviei para o meu Debian remoto.

Atualizações de configuração na Cisco:

username admin privilege 15
ip ssh pubkey-chain 
username admin
key-string
AAAAB3NzaC1yc2EAAAABIwAAAIEAv69fgC6f9Y3hbxd+IwOmMR
1AYWbEbfb7KCf3O14JK32/DNR5VAa8wq/8yPGajjYXHPXJfwzr
BIjXj2lIQ9iVlj9mGga9nzbQulewJwue2JFuYOydN1phjt5UzG
6e7w+EI/4rzWpllQd40wWDDo2/OKM7++DbQoocMYM1Kg4nogU=
end

Então, por enquanto, se eu tentar conectar via SSH usando a chave privada de qualquer cliente Windows (XShell, Putty) - tudo está OK.

Quando tento conectar da minha máquina Debian - recebo o erro "Disconnecting: protocol error: rcvd type 60".

Esta chave funciona com os switches HP como um encanto, por isso não tenho ideia do que fazer.

Algumas informações de diagnóstico:

root@debian#ssh -vvv -i key.pem admin@cisco-switch-address:
OpenSSH_6.7p1 Debian-5+deb8u3, OpenSSL 1.0.1t  3 May 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to cisco-switch-address [10.10.10.10] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file key.pem type -1
debug1: key_load_public: No such file or directory
debug1: identity file key.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
debug1: Remote protocol version 2.0, remote software version Cisco-1.25
debug1: no match: Cisco-1.25
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "cisco-switch-address" from file "/root/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /root/.ssh/known_hosts:5
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-he1
debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],ecdsa-sha2-ns
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],[email protected],arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-e
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],[email protected],arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-e
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],umac-6
debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],umac-6
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: setup hmac-sha1
debug1: kex: server->client aes128-cbc hmac-sha1 none
debug2: mac_setup: setup hmac-sha1
debug1: kex: client->server aes128-cbc hmac-sha1 none
debug2: bits set: 1013/2048
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Server host key: RSA d3:19:39:d5:df:3a:09:f8:f5:a1:c2:84:c8:da:f6:9a
debug3: load_hostkeys: loading entries for host "cisco-switch-address" from file "/root/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /root/.ssh/known_hosts:5
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "10.10.10.10" from file "/root/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /root/.ssh/known_hosts:6
debug3: load_hostkeys: loaded 1 keys
debug1: Host 'cisco-switch-address' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:5
debug2: bits set: 1045/2048
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: key.pem ((nil)), explicit
debug1: Authentications that can continue: publickey,keyboard-interactive,password
debug3: start over, passed a different list publickey,keyboard-interactive,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: key.pem
debug3: sign_and_send_pubkey: RSA a0:93:b7:5e:9a:e8:ed:4c:34:2b:b1:58:b3:34:ce:b2
debug2: we sent a publickey packet, wait for reply
Disconnecting: protocol error: rcvd type 60