ssh algorithm negotiation failed

ssh osx openssl ssh-agent ssh-config

Solution 1

Took me a while to get back here to answer my own questions.

Update the Jsch library

Pycharm version 4 contains a library that has a bug. This bug prevents SFTP communication using certain SSH key-exchange-algorithms with anything other than basic Diffie-Helman-group1* ciphers. So, we need to update the library in order for Pycharm to communicate with our VM. Our VM only allows much more modern keys and prevents the legacy Diffie-Helman-group1* ciphers.

Pycharm 4 has an outdated version of a java library called Jsch that it uses to communicate with SFTP (which is needed to transfer the helper files). To resolve this, we just need to update the library.

The updated library was found at sourceforge and is located at: http://sourceforge.net/projects/jsch/files/jsch.jar/0.1.53/

Versions Affected

Mac: Pycharm <= 5
Windows: Pycharm <= 5
Linux: Pycharm < 4? (this bug does not exist in 4.04 on linux)

Download Steps

Download the copy of Jsch from this page (at the top).
Remove the old version: jsch-0.1.51.jar sudo rm /Applications/PyCharm.app/Contents/lib/jsch-0.1.51.jar
Copy the new library pycharm directory: /Applications/PyCharm.app/Contents/lib cp ~/Downloads/jsch-0.1.53.jar /Applications/PyCharm.app/Contents/lib/.
Restart Pycharm

Note: This was fixed in Pycharm 5, and updating fixed it for my coworkers, but if you have other java based applications, this may help you.

Note: I ultimately found this by digging through the Pycharm's log. I could see that there issues regarding the libary and a few google searches later and I found the library on sourceforge.

Solution 2

First: What do you need it for? Wouldn't sshfs do the job better?

Your problem is the opposite. The server offers old (and possibly broken) KeyExchange methods: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1, that are no longer default in current version of openssh server (what is that server? If your sysadmin tells you that it is strict and newer, than it is not true), but should be wokring for clients.

You should try to add to your ~/.ssh/config the line allowing these Kex methods:

KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1

if it will not help for connections in-app, there might be some other way to force to use local config.

saintlyRook

Updated on September 18, 2022

Comments

saintlyRook over 1 year
If I understand correctly, bash is just another user-land program.

So when I type:
```
ls -la
```
or
```
mv myfile.txt myotherfile.txt
```
how does bash feed these commands into the operating system kernel? Is this something to do with POSIX?
- James McLaughlin over 9 years
  
  You know that ls and mv are programs too, right?
- n. m. over 9 years
  
  man 2 fork man 2 execle
User007 over 8 years

I need to set up a python remote debugging session through the Pycharm IDE. Thanks for letting me know that there was no way for in-app connections. I kept digging once I knew there was no other way. It turns out that the issue is in Pycharm afterall. The Jsch library was outdated. Once I updated it, it worked fine. I will delete the question from AskDifferent and repost this question to SO with the answer since I know now it fits more with that community (I'll come back and post the link).