SSH - no matching host key type found

Hi all!

I'm for the moment a somewhat happy camper after installing MacOS Sierra. After a few hours, after the update, i was up for some ssh sessions to some of my servers and routers. Hmm, i can't connect to the boxes. What's up?

The first server responded with:

Unable to negotiate with <IPADDR> port 22: no matching host key type found. Their offer: ssh-dss

This issue was solved through a search on Google. The solution was (not to update the server, which i must do soon) to delete the remark pound "#" before the row that starts with "MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160" and add the row "HostkeyAlgorithms ssh-dss" last in the /etc/ssh/ssh_config file. Next i created a separat part for each server, that needs some legacy support

"Host <SRV>

KexAlgorithms diffie-hellman-group1-sha1"

The second server responded with:

Unable to negotiate with <IPADDR> port 22: no matching host key type found. Their offer: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-ed25519

This issue is also solved. This solution wasn't found on Google. I just thought this would work. I just added the algorithms "ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-ed25519" after the "HostkeyAlgorithms ssh-dss" (be sure to add a ",").

Question 1

Anyway...is there any security issues or other concerns that i should know with this lack of support, or is is just okey to add this in /etc/ssh/ssh_config file ?

Question 2

Which of this algos should not or should be used?

"HostkeyAlgorithms ssh-dss,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-ed25519"

Question 3

What is the best practice and recommended configuration for the /etc/ssh/ssh_config file?

All the best!

/J