5

I've started a gerrit server. When I try to ssh to it I get:

Unable to negotiate with 127.0.0.1 port 29418: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

As this is deprecated it needs to be manually enabled (http://www.openssh.com/legacy.html):

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 username@localhost -p 29418

This works fine. Now I want to git clone, but need to pass the KexAlgorithms option to ssh via git. One solution is to add the option to ~/.ssh/config. This is what I added:

Host localhost
    KeyAlgorithms +diffie-hellman-group1-sha1

The problem is I get the following error:

/home/username/.ssh/config: line 6: Bad configuration option: keyalgorithms

There's a HostKeyAlgorithms option that works there but that complains Bad key types '+diffie-hellman-group1-sha1'. How should I configure git/ssh to connect to gerrit?

Community
  • 1
  • 1
jozxyqk
  • 16,424
  • 12
  • 91
  • 180
  • The title says it's complaining about "KexAlgorithms". In the post you say you added "HostKeyAlgorithms", and that it's complaining about "keyalgorithms". Maybe you could clarify what is on line 6 of your config file, and what it's actually complaining about. – Kenster Aug 04 '16 at 10:33
  • @Kenster thanks, that's the issue and I still didn't see it even after messing with it for half an hour. Have updated to make it consistent. Not sure this post is at all constructive now considering it's purely a typo issue. Happy to delete. – jozxyqk Aug 05 '16 at 07:49

1 Answers1

4

You put there different option in the configuration, than on the command line. It should be

Host localhost
    KexAlgorithms +diffie-hellman-group1-sha1

KexAlgorithms are not the HostKeyAlgorithms. They are completely different options with different values serving for different purposes.

Jakuje
  • 24,773
  • 12
  • 69
  • 75