> As far as I can tell there is no way of configuring openssh to avoid > using gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==. It is possible with option "GSSAPIKexAlgorithms", see man page for ssh_config / sshd_config.
However, the default for GSSAPIKexAlgorithms should be adjusted. See patch: https://github.com/felixhaedicke/openssh/commit/11244c7dd5fb5a8d8ecf07016e0d7afff982f0a3.diff
