After hardening the SSH configuration on a Debian server by removing unsecure ciphers and MACs I got in trouble with Eclipse Remote System Explorer.
When trying to open the server, I always got an „Algorithm negotiation fail“ message:
Even installing the missing Unlimited Strength version of Java Crypto Extension which allows key sizes larger then 128 bit doesn’t helped me out.
The problem was the allowed KexAlgorithms and the list of MACs in the configuration:
Ciphers aes256-ctr,aes256-cbc KexAlgorithms diffie-hellman-group-exchange-sha256 MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
After re-enabling the insecure default configuration by commenting out the both lines in the configuration allowed me to reconnect to the server again.
Ciphers aes256-ctr,aes256-cbc #KexAlgorithms diffie-hellman-group-exchange-sha256 #MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
I don’t feel happy about it. But it seems that there is actually no workaround.