Hi All.

After setting up a 3750G for SSH access I've been getting the below warning.

"the first key-exchange algorithm supported by the server is deffie-helman-group1-sha1 which is below the configured warning threshold..."

I upgraded to the recommended IOS of 12.2(55)SE12 which is documented for WS-C3750-24PS V02 so that I could run SSH Version 2, I still get the above warning.

After a little research it seems that I should be running the latest IOS of 15.0(2)SE11.

My switch is a WS-C3750G-24PS-S V05 with 32Mb flash, should I consider upgrading to v15.0? I can't find the Cisco literature for this exact model to confirm the required flash memory requirements for IOS v15.0.

Cisco IOS Software, C3750 Software (C3750-IPBASEK9-M), Version 12.2(55)SE12, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2017 by Cisco Systems, Inc.
Compiled Thu 28-Sep-17 02:29 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02D00000

ROM: Bootstrap program is C3750 boot loader
BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)

Mario uptime is 1 day, 0 minutes
System returned to ROM by power-on
System image file is "flash:c3750-ipbasek9-mz.122-55.SE12.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco WS-C3750G-24PS (PowerPC405) processor (revision F0) with 131072K bytes of memory.
Processor board ID FOC1301Z0RJ
Last reset from power-on
3 Virtual Ethernet interfaces
28 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : 00:24:98:00:E7:00
Motherboard assembly number     : 73-10217-07
Power supply part number        : 341-0108-03
Motherboard serial number       : FOC12527HS8
Power supply serial number      : AZS123017UW
Model revision number           : F0
Motherboard revision number     : C0
Model number                    : WS-C3750G-24PS-S
System serial number            : FOC1301Z0RJ
Top Assembly Part Number        : 800-26855-01
Top Assembly Revision Number    : E0
Version ID                      : V05
CLEI Code Number                : CNMWR00ARC
Hardware Board Revision Number  : 0x09


Switch Ports Model              SW Version            SW Image                 
------ ----- -----              ----------            ----------               
*    1 28    WS-C3750G-24PS     12.2(55)SE12          C3750-IPBASEK9-M         


Configuration register is 0xF
 --More--         
Mario#dir
Directory of flash:/

    2  -rwx         736   Mar 1 1993 00:03:30 +00:00  vlan.dat
    4  -rwx    12111413   Mar 2 1993 00:28:39 +00:00  c3750-ipbasek9-mz.122-55.SE12.bin
    5  -rwx        2072   Mar 1 1993 03:29:59 +00:00  multiple-fs
    6  -rwx        1928   Mar 1 1993 03:29:59 +00:00  private-config.text
    7  -rwx        3844   Mar 1 1993 03:29:59 +00:00  config.text

32514048 bytes total (20391424 bytes free)
Mario#sh ssh
%No SSHv1 server connections running.
Connection Version Mode Encryption  Hmac State               Username
0          2.0     IN   aes256-cbc  hmac-sha1    Session started       admin
0          2.0     OUT  aes256-cbc  hmac-sha1    Session started       admin
Mario#

Thanks for any advise.

Phill