Suddenly can't push to heroku: “unable to negotiate key exchange method”

牧云@^-^@ 提交于 2019-12-05 00:15:56


"git push heroku" is suddenly failing. (I installed Node.js and I think it may have upgraded some things and broke this somehow.)

I've read all the similar posts; it's not telling me which exchange was 'offered', and everything looks like it matches, but the call fails and I'm at a loss.
I did heroku auth:login successfully.

ssh -v gives me the following:

OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /Users/jeff/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for * <This line is 'Host *'>
debug1: Connecting to [] port 22.
debug1: Connection established.
debug1: identity file /Users/jeff/.ssh/id_rsa type 1
debug1: identity file /Users/jeff/.ssh/id_rsa-cert type -1
debug1: identity file /Users/jeff/.ssh/id_dsa type -1
debug1: identity file /Users/jeff/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version endosome
debug1: no match: endosome
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr none
debug1: kex: client->server aes128-ctr none
Unable to negotiate a key exchange method


I encountered same problem this morning.

I can avoid this problem, with change git remote url as below.



you can use command below

git remote rm heroku git remote add heroku


I ran into the same problem this morning. It was because I was using an outdated ssh client. I suspected that was the problem after reading this answer. On my mac I use homebrew so I was able to install openssh. For me it was just: brew install openssh

Then git push heroku master was successful.

I'm not as familiar with Linux but I suspect you can use a package manager like apt-get.


They recently disabled some older insecure key exchange methods. As Kalimar said, you are probably using an outdated ssh client. If brew install openssh (or equivalent if you're on something other than a Mac) doesn't fix it, or you don't want to do that for whatever reason, another approach is to change the URL to use HTTPS transport. The format is:


First, double-check if the remote heroku is indeed an ssh URL

git remote -v

Then check the content of C:/Users/jeff/.ssh/config which should have an entry, to get the actual private key path used.

If it is an https URL, check your ~/_netrc file, as in "Heroku CLI Authentication".
But for ssh, see Managing Your SSH Keys, and what heroku keys:add returns.