Trouble connecting to a git repo with an SSH key?

Here's how I fixed the problem on a Windows Server 2012 machine

[2 minute read]

Hello, Internet Traveler!

If you’re reading this, I assume you’ve recently encountered an error while trying to connect to a git repository via ssh. One that goes something like this:

Unable to negotiate with legacyhost: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

Here’s a list of all the things that did NOT help me when I encountered that error yesterday:

  • Anything to do with ssh-agent
  • Anything to do with ssh-add
  • Anything to do with the default encryption used with ssh-keygen

So don’t bother looking at any of those things until you’ve tried this first: Create a new file in your .ssh directory named config (no extension) and add the following four lines:

KexAlgorithms +diffie-hellman-group1-sha1
Port 7999
User username@computer-name

Host: This should be the name of your git host. is just an example. Mine was Don’t use an IP address here. It doesn’t work. Or, at least, it didn’t work when I did it. Don’t put the http or https in front of it either. That’s the URL protocol; you only want the hostname.

KexAlgorithms: This should be exactly like I have it here. Yes, it’s “Kex” not “Key”.

Port: Put the port used by your git server here. If you don’t know what port to use, you should probably just use the defaults: 80 for http or 443 for https.

User: Enter your username in the format indicated above. This is the username you used to log into the computer, not your git username. Mine might be nspreitzer@winsvr2012.

Save the file and try connecting to git again. Sucess? Awesome. I hope this saved you the time I lost.

Didn’t work? Then are you SURE you’re using an ssh git url and not an http(s) url? (I’ve made that stupid mistake more than once.) If so, sorry my friend, but I’m all out of suggestions. Back to google you go…