support stronger ssh key exchange algorithm

[aspiers]

I guess that this is an issue not with SyncOrg itself, but with whatever library it uses for ssh, but I'll report it here as a starting point:

My server had

KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256

in /etc/ssh/sshd_config on account of this advice, but that prevents SyncOrg from connecting, resulting in messages like:

sshd[1216]: fatal: Unable to negotiate with [IP address] port 43420: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 

It would be nice if it could support at least one of the two recommended algorithms above.

[hammerandtongs]

The upstream ssh library is

http://www.jcraft.com/jsch/

From there -

"""Key exchange: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521"""

So perhaps your fallback kex isn't happening?

[sleep-walker]

I have the same issue as @aspiers.