If you find yourself needing to SSH into an older APC PDU such as the AP7921 (or basically any appliance without up to date SSH service) and you use a modern OpenSSH, you may see
Unable to negotiate with target-host port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
or
Unable to negotiate with target-host port 22: no matching cipher found. Their offer: blowfish-cbc
Since version 7, OpenSSH has disabled these by default because of known weaknesses, seeĀ www.openssh.com/txt/release-7.0. To talk to these obsolete SSH services, speak the following Ancient Options under a full moon:
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oCiphers=+blowfish-cbc my-user@target-host
.. and the doors to Moria may open.
Edit feb-2019: Recent Ubuntu versions have dropped support for legacy ciphers. You might see this error:
command-line line 0: Bad SSH2 cipher spec '+blowfish-cbc'.
In that case it may be best to install package “openssh-client-ssh1″ and use the “ssh1″ binary instead.