SSH: "no matching key exchange method found" when KexAlgorithm is listed as available

ssh linux

When I try to ssh to one of my switches I get the following error:

$ ssh remotehost
Unable to negotiate with 1.2.3.4 port 22: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1

If I list available key exchange algorithms I can see that we do have it;

$ ssh -Q kex
...
...
diffie-hellman-group14-sha1
...

Specifying it manually as an option does work, as well as creating an .ssh/config entry for it, but shouldn't this be automatically picked if it's in the kex list?

ssh -o KexAlgorithms=diffie-hellman-group14-sha1 user@remotehost

.ssh/config

Host remotehost
    KexAlgorithms +diffie-hellman-group14-sha1

The diffie-hellman-group1-sha1 key exchange method is disabled by default in recent SSH versions. The config option is your only way to do it. Check the openssh legacy issues page for details

Related

When integrity of an Exchange 2013 mailbox database is questionable, is it safe to simply "move" the mailboxes, or do they have to be exported?
Pass URL component/path to PHP with Nginx
Apache proxy configuration (webapp resources URL truncated)
DDOS protection without IP?
Clearing Tomcat's DNS cache
nginx redirect to domain when user enters IP address
Port 25 "relay send" and TLS
MX Record not showing up even though it is set in Digital Ocean
Managing IP blocking while managing self-hosted mail server
Vsftpd : anonymous configuration for full access
ansible documentation of alternative use of deprecated ALLOW_WORLD_READABLE_TMPFILES
zfs: dataset does not exist