PuTTy Couldn't Agree A Key Exchange Algorithm: Quick Fix

The PuTTy couldn't agree a key exchange algorithm error appears due to incompatibility of the mutually supported key exchange algorithm (KEX) between PuTTy and the server.

This article deep dives into various solutions to help you quickly resolve the key exchange algorithm error to secure a smooth connection. Let's find out!

Before Troubleshootings:

Proven Solutions to fix:

Part 1: An Overview of the Key Exchange Algorithm Issue

A key exchange algorithm (KEX) is a protocol that is used during a secret negotiation between the client and the remote server. It should be mutually supported by both parties for a successful SSH connection. Otherwise, you will get the PuTTy couldn't agree a key exchange algorithm error.

Some of the probable reasons for the KEX authentication issue include:

• Outdated PuTTy version, especially PuTTy 0.65 or older..
• Mismatched algorithm configuration between PuTTy and the remote server.
• Issues in the server-side configuration like if it's configured to specific algorithms not supported by PuTTy.

Because of these factors, most of the solutions in this guide pertain to PuTTy and the server's configuration settings.  

Part 2: How to Fix PuTTy Couldn't Agree A Key Exchange Algorithm

Below is a step-by-step guide for implementing each solution:

Solution 1: Change the Preferred SSH Protocol Version

One proven trick to fix Putty's Key Exchange Algorithm Agreement error is to change the preferred SSH protocol version. Here are the steps to do that:

Step 1: Head to the PuTTY Configuration window and select "SSH" in the left-hand tab.

Step 2: Choose the appropriate version under the "Preferred SSH protocol version" option, like 2 or 2.1.

Step 3: Hit Apply to save the changes and then, click Open to start a new SSH session.

Hopefully, it will help you resolve the 'Key Exchange Algorithm Agreement' error in Putty. If not, keep reading.

Solution 2: Verify PuTTy Configuration

If PuTTy is still displaying the "couldn't agree a key exchange algorithm" error after the update, check its configuration settings. To do that:

Step 1: Launch PuTTy and head to Connection > SSH > Auth.

Step 2: Now, go to the authentication settings and confirm the "Key exchange" option is not empty.

Step 3: Also, make sure the selected algorithm is compatible with both PuTTy and the server.   

Solution 3: Update the Server's SSH Software

Do you have access to the server? If yes, make sure the SSH server you're using (like OpenSSH) is updated. An outdated server's version often leads to compatibility issues with modern clients, causing the PuTTy couldn't agree a key exchange algorithm error.

Follow the below steps to check the server version and update it:

Step 1: Log into the server and run the below command on the server to check the version of OpenSSH:

Step 2: Now, use the package manager to update the server:

Step 3: Finally, restart the server:

Solution 4: Manually Configure the PuTTy Key Exchange Algorithm

The next fix is to manually configure the key exchange algorithms used by the that SSH server during the connection process. Many users on Reddit have reported that this simple solution can produce positive results.

To do that:

Step 1: Launch PuTTy and go to Session.

Step 2: Now, select Connection > SSH > Kex (Key exchange) to see a list of key exchange algorithms.

Step 3: Manually reorder them or add new algorithms supported by the server. Some of the algorithms include:

Step 4: Now, try connecting to the server again to test your efforts.

Solution 5: Check and Update Server-Side SSH Configuration

If you still getting the Key Exchange Algorithm Agreement error, time to check the server's configuration. Make sure it supports the necessary key exchange algorithms.

For that:

Step 1: Go to the server and look for the SSH configuration file in /etc/ssh/sshd_config.

Step 2: Now, locate the KexAlgorithms line. If it's not present, manually add the file along with a list of supported algorithms, like:

Step 3: Finally, restart the SSH service using the command:

Solution 6: Use a Different Client

As a last resort, try using another SSH client to check if it supports the same key exchange algorithms. Some possible options include:

• MobaXterm
• Bitvise SSH Client

If you manage to establish a connection with these clients, the issue relates to the PuTTy's configuration. In this scenario, the best option is to seek professional support.

Bonus Tip: Get Unattended Access to Remote Windows Servers

If you're someone who has to perform remote tasks frequently or manage multiple PCs in a work environment, try this wonderful product called AirDroid Remote Control. It is a powerful remote control and management tool, designed for both individuals and small enterprises.

With AirDroid, you can instantly secure a connection with both attended and unattended devices. On top of that, it enables you to force a black screen at the remote end to ensure privacy from the passersby. This means you can keep using the office PC from your home without anyone knowing.

Similarly, the company owners can leverage its stellar management features to improve collaboration, supervision, and automation of tasks.

FAQs

Q1: How can I check what algorithms the server supports?

To check the key exchange algorithms supported by the SSH server, use the ssh -Q kex command. It displays the list of all the available exchange algorithms on the server.

Q2: Can I enable additional algorithms in PuTTy?

Yes, PuTTy allows users to add additional algorithms. Navigate to the from the "key exchange" option in PuTTy configuration to add the preferred algorithms.

Q3: How to Update PuTTy?

Using an older PuTTy version is the leading cause for encountering the PuTTy couldn't agree a key exchange algorithm error. This is especially true if you're using the PuTTy 0.67 version or older.

PuTTy regularly rolls out new updates to make it compatible with the advanced encryption protocols. Follow the below steps to update your PuTTy tool:

Step 1: Head to the PuTTy website and download the latest version.

Step 2: Install the program and set it up.

Now, try the SSH connection again to check if the issue persists.

Final Remarks

And that's all for today. This article has provided a comprehensive guide to resolving the Key Exchange Algorithm Agreement error issue. As it primarily relates to the PuTTy's update or configuration settings, you should face no trouble establishing a secure SSH connection.  

Moreover, we recommend using AirDroid Remote Control as a one-stop solution to secure unattended access to your remote Windows PCs. It helps you:

• Get complete control of the remote Windows from both desktop and mobile devices.
• Transfer files to the remote device effortlessly.
• At the enterprise level, it allows you to control all the IT assets from a single dashboard.
• Perform functions like permission management for each device, check server logs remotely, voice chatting, and real-time screen sharing.

Thank you!