Net::SSH::Exception: could not settle on kex algorithm

updating sshd platform submodule to the latest HEAD breaks capistrano/net-ssh:

--- git/bitmask ‹master› » leap node init local1
 = connecting to node local1
 = installing insecure vagrant key


   - error Capistrano::ConnectionError: connection failed for: local1.bitmask.local (Net::SSH::Exception: could not settle on kex algorithm)

--- git/bitmask ‹master› » leap deploy
hint: use --force to skip this prompt.
Do you really want to deploy from the wrong branch? y
 = checking node

   - error Capistrano::ConnectionError: connection failed for: local1.bitmask.local (Net::SSH::Exception: could not settle on kex algorithm)

"leap ssh local1" works btw

on the node, i see from /var/log/auth.log:

Nov  9 09:50:38 local1 sshd[7581]: fatal: Unable to negotiate a key exchange method [preauth]

this is the change deployed to /etc/sshd/sshd_config:

root@local1:/etc/ssh# git diff sshd_config
diff --git a/ssh/sshd_config b/ssh/sshd_config
index 2ac3601..bfd1cf6 100644
--- a/ssh/sshd_config
+++ b/ssh/sshd_config
@@ -72,6 +72,8 @@ TCPKeepAlive yes
 
 #MaxStartups 10:30:60
 #Banner /etc/issue.net
+# do not reveal debian version (default is yes)
+DebianBanner no
 
 # Allow client to pass locale environment variables
 AcceptEnv LANG LC_*
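Review bot: "DebianBanner no" in this hunk is unrelated to the algorithm changes in the next hunk, so it would be better as its own commit; that keeps a connection failure like the one reported here attributable to the KexAlgorithms/Ciphers/MACs change alone. The comment could also note that the directive is specific to Debian's sshd packaging.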
@@ -94,6 +96,7 @@ AllowTcpForwarding no
 AllowAgentForwarding no
 
 
-Ciphers aes256-ctr
-MACs hmac-sha1
+KexAlgorithms curve25519-sha256@libssh.org
+Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
+MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com
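
Review bot: The added KexAlgorithms line lists a single algorithm, curve25519-sha256@libssh.org, so any client that does not implement it cannot connect, which matches the "could not settle on kex algorithm" error from net-ssh and the sshd "Unable to negotiate a key exchange method" log line. Keep curve25519 first but add a fallback key exchange that the deploy client supports, or upgrade the client before rolling this out. The MACs change also drops hmac-sha1, the only MAC previously allowed, so the same client should be checked against the new MACs list.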

elijah: i saw that you pinned net-ssh to a certain version (2.7), 3.0.x is available which might fix this, but your comment said that upgrading net-ssh would possibly break capistrano, so i didn't try it.

(from redmine: created on 2015-11-09, closed on 2015-11-17, relates #6614 (closed), relates #6616, blocks #6796)
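
Added example (not from the original report or the LEAP code base): a Ruby check that applies the SSH negotiation rule from RFC 4253 section 7.1 to the two sshd_config states in the diff above. `CLIENT_OFFER` is a constructed sample list, not the actual offer of any net-ssh release, and the function names are hypothetical.

```ruby
# Added example: RFC 4253 section 7.1 negotiation checked against sshd_config.
KEYWORDS = { 'kexalgorithms' => :kex, 'ciphers' => :cipher, 'macs' => :mac }.freeze

# The two sshd_config states taken from the diff on this page.
OLD_CONFIG = <<~CONF
  Ciphers aes256-ctr
  MACs hmac-sha1
CONF
NEW_CONFIG = <<~CONF
  KexAlgorithms curve25519-sha256@libssh.org
  Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
  MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com
CONF

# Constructed sample of an older client's offer, in preference order.
# Assumption for illustration; not the actual list of any net-ssh release.
CLIENT_OFFER = {
  kex:    %w[diffie-hellman-group-exchange-sha256 diffie-hellman-group14-sha1],
  cipher: %w[aes256-ctr aes128-ctr],
  mac:    %w[hmac-sha2-256 hmac-sha1]
}.freeze

# Collect the algorithm lists the server pins. sshd keywords are
# case-insensitive and the first occurrence of a keyword wins.
def parse_sshd_algorithms(text)
  text.each_line.with_object({}) do |line, pinned|
    keyword, value = line.sub(/#.*/, '').strip.split(/[\s=]+/, 2)
    kind = KEYWORDS[keyword.to_s.downcase]
    next if kind.nil? || value.nil? || pinned.key?(kind)
    next if value.start_with?('+', '-', '^') # modifies defaults; not resolved here
    pinned[kind] = value.split(',').map(&:strip)
  end
end

# The chosen algorithm is the first one on the client's list that the server
# also lists; nil means negotiation fails for that category.
def negotiate(client_list, server_list)
  client_list.find { |alg| server_list.include?(alg) }
end

# Returns { kind => chosen algorithm or nil } for every kind the server pins.
def check_overlap(sshd_config_text, client_offer)
  parse_sshd_algorithms(sshd_config_text).each_with_object({}) do |(kind, server_list), report|
    report[kind] = negotiate(client_offer.fetch(kind, []), server_list)
  end
end

check_overlap(NEW_CONFIG, CLIENT_OFFER).each do |kind, chosen|
  puts format('%-6s %s', kind, chosen || 'NO COMMON ALGORITHM')
end
```

Run against a candidate sshd_config before deploying it, with the offer of the oldest client that still has to connect substituted for the sample list.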