Looks like the server and client don’t find a common authentication method.
I just got that with a sun cluster here: It only supports diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
, but my Gentoo GNU/Linux ssh server seems to have dropped the group1 algo.
Fixed by changing /etc/ssh/sshd_config
on the ssh server to include
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521
I fear, though, that there was a reason for removing the group1 algorithm from the default. I would not do this on a publicly accessible box.
For reference also see https://security.stackexchange.com/questions/25662/openssh-default-preferred-ciphers-hash-etc-for-ssh2