OpenSSH Legacy Options

If you are using an updated OpenSSH package and suddenly can’t connect to hosts that you could reach before the update, you can add an option to your ~/.ssh/config file (create it if you don’t have one).

If you see this error:

Unable to negotiate with 127.0.0.1: no matching key exchange method found.
Their offer: diffie-hellman-group1-sha1

add this:

Host somehost.example.org
KexAlgorithms +diffie-hellman-group1-sha1

If you see this error:

Unable to negotiate with 127.0.0.1: no matching host key type found.
Their offer: ssh-dss

add this instead:

Host somehost.example.org
HostKeyAlgorithms +ssh-dss

There are command line versions of these as well.

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 user@127.0.0.1

ssh -oHostKeyAlgorithms=+ssh-dss user@127.0.0.1

Note: These weaker algorithms were removed from the default configuration for a reason. If there is another way to connect without enabling them, it is worth considering.
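
One way to keep the exception as narrow as possible is to generate the stanza from the error text itself. This is an added example, not part of the original post; legacy_stanza is a hypothetical helper name, and the sample error is the one shown above.

```sh
#!/bin/sh
# Added example: turn an OpenSSH "Unable to negotiate" error into a
# per-host ssh_config stanza. legacy_stanza is a hypothetical helper.

legacy_stanza() {
    host=$1
    err=$2

    # Refuse wildcards and multi-host patterns so the legacy algorithm is
    # never enabled for more than the one server that needs it.
    case $host in
        ''|*[!A-Za-z0-9._-]*) echo "refusing host pattern: $host" >&2; return 2 ;;
    esac

    # Pick the option from the failure text.
    case $err in
        *"no matching key exchange method found"*) opt=KexAlgorithms ;;
        *"no matching host key type found"*)       opt=HostKeyAlgorithms ;;
        *) echo "unrecognised negotiation error" >&2; return 1 ;;
    esac

    # The list after "Their offer:" is text controlled by the remote side,
    # so accept only characters that occur in algorithm names.
    offer=$(printf '%s\n' "$err" | sed -n 's/.*Their offer:[[:space:]]*//p' | head -n 1)
    case $offer in
        ''|*[!A-Za-z0-9@._,+-]*) echo "unexpected offer: $offer" >&2; return 1 ;;
    esac

    # "+" appends to the client defaults instead of replacing them.
    printf 'Host %s\n    %s +%s\n' "$host" "$opt" "$offer"
}

# Constructed sample input: the first error shown in the post.
legacy_stanza somehost.example.org 'Unable to negotiate with 127.0.0.1: no matching key exchange method found.
Their offer: diffie-hellman-group1-sha1'
```

Review the printed stanza before appending it to ~/.ssh/config, and remove it once the server has been upgraded.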

About vicki

Welcome to the Sovereign Republic of Vickistan. I am the President here. Lucky me! No taxes or laws yet. Lucky you!