Skip to main content


Eclipse Community Forums

      Home
Home » Eclipse Projects » EGit / JGit » EGit 5.13 clone TFS repository with SSH fail((Unable to negotiate key exchange for kex algorithms))
EGit 5.13 clone TFS repository with SSH fail [message #1842725] Tue, 29 June 2021 13:52 Go to next message
Eclipse UserFriend
I'm posting here because I can't find a solution anywhere esle.

Since my Eclipse (on Windows) updated and is using the last version of EGit I get an error when tring to clone, pull or push from a TFS-Git repository.
It still works with Git Bash and TortoiseGit.

The error is :
Unable to negotiate key exchange for kex algorithms (client: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group18-sha512,diffie-hellman-group17-sha512,diffie-hellman-group16-sha512,diffie-hellman-group15-sha512,diffie-hellman-group14-sha256,ext-info-c / server: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1)


Wich, if I understand correctly, tells me that the server only accept old (and weak) algorithms.
I edited my ".SSH/config" file to add 
KexAlgorithms +diffie-hellman-group1-sha1
but to no avail
I also tried to configure theese algorithms in Eclpses Preferences in "General > Network Connections > SSH2" but to no avail either
Re: EGit 5.13 clone TFS repository with SSH fail [message #1842726 is a reply to message #1842725] Tue, 29 June 2021 15:12 Go to previous messageGo to next message
Eclipse UserFriend
I think that would occur also with EGit 5.12 and probably also with 5.11. Maybe it's time to upgrade this TFS instance to a newer version that does support modern algorithms, or to switch to some other git server altogether.

The KEX Methods and Mac algorithms preferences from Eclipse are ignored by the SSH support in JGit., and yes, JGit doesn't implement the KexAlgorithms ssh config. It just uses its built-in set. We could try to improve that.
Re: EGit 5.13 clone TFS repository with SSH fail [message #1842757 is a reply to message #1842726] Wed, 30 June 2021 11:37 Go to previous messageGo to next message
Eclipse UserFriend
See https://developercommunity.visualstudio.com/t/git-ssh-access-offers-weak-algorithms/921226 .
Re: EGit 5.13 clone TFS repository with SSH fail [message #1842864 is a reply to message #1842757] Sat, 03 July 2021 15:58 Go to previous messageGo to next message
Eclipse UserFriend
I've created bug 574636 for this.
Re: EGit 5.13 clone TFS repository with SSH fail [message #1843152 is a reply to message #1842864] Fri, 16 July 2021 11:19 Go to previous message
Eclipse UserFriend
"KexAlgorithms +diffie-hellman-group14-sha1" should work with EGit nightly now. "diffie-hellman-group14-sha1" is slightly stronger than "diffie-hellman-group1-sha1". But of course you could also enable both via "KexAlgorithms +diffie-hellman-group14-sha1,diffie-hellman-group1-sha1".
Previous Topic:What else can cause "[lock failed]" besides branches that are dups except for case?
Next Topic:EGit cannot find the signing key
Goto Forum:
  


Current Time: Tue May 20 14:05:22 EDT 2025

Powered by FUDForum. Page generated in 0.04853 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly