
SSH not working when connecting to a Cisco on new Sierra update.

I keep getting this error


Unable to negotiate with *.*.*.* port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1


Does anyone know the workaround?

MacBook Pro, iOS 10, SSH

Posted on Oct 8, 2016 11:16 AM

Question marked as Best reply

Posted on Oct 8, 2016 11:08 PM

macOS Sierra is rejecting that cipher type because it is very weak (see Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice).


While definitely not recommended, you can downgrade your security to still use it by either:


1) Enabling the diffie-hellman-group1-sha1 key exchange algorithm using the KexAlgorithms option - either on the command line thus:

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 user@legacyhost


or in the ~/.ssh/config file thus:

Host somehost.example.org
    KexAlgorithms +diffie-hellman-group1-sha1
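Added example, not part of the original reply: since the workaround re-enables a weak key exchange, it should stay limited to the one legacy device, and this shell function lists which blocks of an ssh_config file enable diffie-hellman-group1-sha1 and flags global or wildcard scopes. The function names, the BROAD/SCOPED labels and the sample hostnames are assumptions made for the example, and Include directives are not followed.

```shell
#!/bin/sh
# Added example (not from the original thread): audit ssh_config for the legacy KEX.
LEGACY_KEX="diffie-hellman-group1-sha1"

# Reads ssh_config text on stdin. Prints "SCOPED <pattern>" when the method is
# enabled for named hosts only, "BROAD <pattern>" when it is enabled globally
# or under a wildcard pattern.
audit_legacy_kex() {
    awk -v kex="$LEGACY_KEX" '
    BEGIN { scope = "(global)" }   # options before any Host line apply to all hosts
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        if (line == "" || line ~ /^#/) next        # blank line or comment
        if (!match(line, /^[^ \t=]+/)) next
        key = tolower(substr(line, 1, RLENGTH))     # keywords are case-insensitive
        val = substr(line, RLENGTH + 1)
        sub(/^[ \t]*=?[ \t]*/, "", val)             # separator: spaces or one "="
        sub(/[ \t]+$/, "", val)
        if (key == "host")  { scope = val; next }
        if (key == "match") { scope = "Match " val; next }
        if (key != "kexalgorithms" || val ~ /^-/) next   # a "-" list removes methods
        sub(/^[+^]/, "", val)                       # "+" appends, "^" prepends
        n = split(val, alg, ",")
        for (i = 1; i <= n; i++) {
            if (alg[i] != kex) continue
            tag = (scope == "(global)" || scope ~ /[*?]/) ? "BROAD" : "SCOPED"
            print tag, scope
            break
        }
    }'
}

# Constructed sample configuration (hostnames are placeholders).
sample_config() {
    cat <<'EOF'
Host somehost.example.org
    KexAlgorithms +diffie-hellman-group1-sha1

Host *.lab.example.org
    kexalgorithms=+diffie-hellman-group1-sha1

Host modern.example.org
    KexAlgorithms curve25519-sha256
EOF
}

sample_config | audit_legacy_kex
```

To check a real file, feed it on stdin, for example `audit_legacy_kex < ~/.ssh/config`.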


Oct 8, 2016 11:08 PM in response to smonger86


Welcome to Apple Support Community