"Couldn't agree a key exchange algorithm" error with SSH/SCP connectins to ESXi or vCenter Server Appliance

search cancel

"Couldn't agree a key exchange algorithm" error with SSH/SCP connectins to ESXi or vCenter Server Appliance

book

Article ID: 326844

calendar_today

Updated On: 04-30-2025

Products

VMware vSphere ESX 7.x VMware vSphere ESX 8.x VMware vCenter Server 8.0 VMware vCenter Server

Issue/Introduction

Symptoms:
SSH or WinSCP connection to ESXi host or vCenter Server Appliance fails a message similar to:
Couldn't agree a key exchange algorithm (available: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,)

Environment

VMware vSphere ESX 6.x
VMware vSphere ESX 7.x
VMware vSphere ESX 8.x
VMware vCenter Server

Cause

The Couldn't agree a key exchange algorithm is expected behavior with older versions of PuTTy or WinSCP.

Resolution

To resolve this issue, upgrade PuTTy or WinSCP to the latest version via the below links.
http://www.putty.org/.
https://winscp.net/eng/download.php

Try using PuTTy or WinSCP from a different computer/laptop if applicable.

If still receiving an error while trying to connect to vCenter after upgrading WinSCP, try from a different computer/laptop follow KB Connecting to vCenter Server Virtual Appliance using WinSCP fails with the error: Received too large (1433299822 B) SFTP packet. Max supported packet size is 1024000 B

Feedback

Was this article helpful?

thumb_up Yes

thumb_down No