OpenSSH 7+ deprecates weak key exchange algorithm diffie-hellman-group1-sha1 and DSA public keys for both host and user keys which lead to the following error messages:
Unable to negotiate with 172.16.0.10 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1or a simple permission denied when using a user DSA public key or
Unable to negotiate with 127.0.0.1: no matching host key type found. Their offer: ssh-dsswhen connecting to a host with a DSA host key.
WorkaroundAllow the different deprecated features in ~/.ssh/config
Host myserver # To make pub ssh-dss keys work again PubkeyAcceptedKeyTypes +ssh-dss # To make host ssh-dss keys work again HostkeyAlgorithms +ssh-dss # To allow weak remote key exchange algorithm KexAlgorithms +diffie-hellman-group1-sha1Alternatively pass those three options using -o. For example allow the key exchange when running SSH
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 <host>