Working with an older Cisco ASA, I was not able to directly SSH to the host using SSH on Windows unless I specified the diffie-hellman-group1-sha1 algorithm.
PuTTY gives the following warning:
For Windows, I can use the following command to SSH (as well as SCP).
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 user@host