When connecting via SSH to older systems who do not support newer ciphers, you will sometimes get the following error:
Unable to negotiate with 10.192.0.47 port 22: no matching key exchange method
found. Their offer: diffie-hellman-group14-sha1
To permanently enable support for this cipher, you need to add the following line to either/etc/ssh/ssh_config
to enable it for all accounts or ~/.ssh/config
for just your account.
Host *
KexAlgorithms +diffie-hellman-group14-sha1
You can change Host *
to specify a specific IP. Ex: Host 111.111.111.111
.
More docs from OpenSSH Legacy Options.