Lee wrote at 17:59 -0400 on Sep 15, 2015: > OpenSSH 7.0 defaults to no support for diffie-hellman-group1-sha1 key > exchange which is a problem with certain devices: > > $ ssh 10.10.3.5 > Unable to negotiate with 10.10.3.5: no matching key exchange method > found. Their offer: diffie-hellman-group1-sha1 > > http://www.openssh.com/legacy.html has two work-arounds: > 1. add "-oKexAlgorithms=+diffie-hellman-group1-sha1" to the ssh > command -- which works for me > 2. add "Host * KexAlgorithms +diffie-hellman-group1-sha1" to > ~/.ssh/config -- which does not work for me > > What's the trick for getting the KexAlgorithms param in ~/.ssh/config to > work? > > $ cat ~/.ssh/config . . > # IOS devices running "Remote protocol version 1.99, remote software > version Cisco-1.25" > # only do diffie-hellman-group1-sha1 for key exchange & OpenSSH 7.0 > has it disabled by default. > # re-enable & add to the end of the list: > Host * KexAlgorithms +diffie-hellman-group1-sha1 . .
The trick is a newline. Host entry on one line, config settings on lines below it. Not a cygwin question. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
