Manual SSH connection works, via Ansible fails (used to work)

I’ve been using ansible to configure a catalyst 1000 switch for the last few months. Today I’ve attempted to --check --diff the switch config, only for ansible to return an error about the kex algorithms. This was an issue to begin with and I added the required config to my .ssh/config. I can still manually connect to the switch using ssh <switch IP>: it uses the config and connects fine… so I’m confused why this is no longer working via Ansible. Can anyone give me any pointers?

Output error section:

The full traceback is:
  File "/home/username/repos/ansible/venv/lib/python3.13/site-packages/ansible_collections/ansible/netcommon/plugins/module_utils/network/common/network.py", line 218, in get_capabilities
    capabilities = Connection(module._socket_path).get_capabilities()
  File "/home/username/repos/ansible/venv/lib/python3.13/site-packages/ansible/module_utils/connection.py", line 183, in __rpc__
    raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
fatal: [catalyst1000]: FAILED! => {
    "changed": false,
    "invocation": {
        "module_args": {
            "available_network_resources": false,
            "gather_network_resources": null,
            "gather_subset": [
                "min"
            ]
        }
    },
    "msg": "ssh connection failed: ssh connect failed: kex error : no match for method kex algos: server [diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1], client [curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256]"
}

PLAY RECAP ***********************************************************************************************************************************************************************************
catalyst1000               : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0   

If you read the error, this is about the ssh configuration

 kex error : no match for method kex algos: 

it cannot match the configured key exchange algorithms on the server (target machine)

server [diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1], 

and the client (ansible machine), which is using a much stronger list

client [curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256]

To see exactly how ansible executes ssh and sets the config, use -vvv, but just adding the configuration for those targets to include the weaker keys should be enough (assuming you cannot change the configuration on the ssh server). ansible.builtin.ssh connection – connect via SSH client binary — Ansible Community Documentation
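The negotiation failure the answer walks through, as an added Python example (not part of the thread, not Ansible or libssh code): it parses the "kex error" line from the question, confirms that the two offer lists share no algorithm, and flags which of the switch's algorithms are SHA-1 based, so the trade-off of adding one of them on the client side is explicit. The error text is the one from the question; the function names and the regex are my own assumptions about the message layout.

```python
"""Explain an SSH key-exchange mismatch from the error text Ansible printed.

Added example, not code from the original thread. The error string below is
copied from the question; the parsing pattern is an assumption about the
layout "no match for method <name>: server [...], client [...]".
"""
import re

# Error message as printed in the question's Ansible output.
KEX_ERROR = (
    "ssh connection failed: ssh connect failed: kex error : no match for method "
    "kex algos: server [diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1], "
    "client [curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,"
    "ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,"
    "diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,"
    "diffie-hellman-group14-sha256]"
)

_PATTERN = re.compile(
    r"no match for method (?P<method>[\w ]+?): "
    r"server \[(?P<server>[^\]]*)\], client \[(?P<client>[^\]]*)\]"
)


def _split(csv):
    """Turn 'a,b,c' into ['a', 'b', 'c'], dropping blanks."""
    return [item.strip() for item in csv.split(",") if item.strip()]


def parse_kex_error(msg):
    """Return (method, server_algos, client_algos) or None if msg is not a kex error."""
    match = _PATTERN.search(msg)
    if match is None:
        return None
    return (match.group("method"),
            _split(match.group("server")),
            _split(match.group("client")))


def common_algorithms(server, client):
    """Algorithms offered by both sides, in the client's preference order.

    SSH picks the first entry of the client's list that the server also
    offers, so the first element here is what would actually be negotiated.
    """
    return [algo for algo in client if algo in server]


def weak_kex(algos):
    """Subset of algos whose hash is SHA-1 (the ones modern clients drop by default)."""
    return [algo for algo in algos if algo.endswith("sha1")]


def missing_on_client(server, client):
    """Server-offered algorithms the client would have to add to make a match possible."""
    return [algo for algo in server if algo not in client]


def explain(msg):
    """Summarise a kex error as a dict; empty dict if msg is not one."""
    parsed = parse_kex_error(msg)
    if parsed is None:
        return {}
    method, server, client = parsed
    return {
        "method": method,
        "common": common_algorithms(server, client),
        "weak_on_server": weak_kex(server),
        "needed_on_client": missing_on_client(server, client),
    }


if __name__ == "__main__":
    for key, value in explain(KEX_ERROR).items():
        print(f"{key}: {value}")
```

Run as a script it reports that the intersection is empty and that both switch-side algorithms are SHA-1 variants, which is exactly why the modern client list in the error never matches. If the switch firmware allows enabling a SHA-2 key exchange, fixing it there keeps the client's stronger list intact; only when that is not possible does adding one of the `needed_on_client` entries to the client configuration become the fallback the answer describes.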
