View categories
Insecure and weak SSH algorithms disabled for Git service
Change effective on 17 October 2017
We strengthened the SSH transport for our Git service by disabling the following algorithms:
- Key exchange algorithms
- “diffie-hellman-group14-sha1”
- “diffie-hellman-group1-sha1”
- Encryption algorithms
- “arcfour256”
- “arcfour128”
- Mac algorithms:
- “hmac-sha1”
- “hmac-sha1-96”
If you’re using one of these algorithms, you should expect to see the following error:
$ git push heroku master
Unable to negotiate a key exchange method
You’ll need to upgrade your SSH client or change to HTTP transport to ensure secure transfer.