Comment 6 for bug 1445619

Here's the current status following an upgrade yesterday:

 * bazaar.launchpad.net now supports diffie-hellman-group14-sha1, since I backported my change from Twisted trunk, which is the bare minimum for allowing OpenSSH 7.0/7.1 to talk to it. I should be able to do the same for diffie-hellman-group-exchange-sha256 shortly.
 * git.launchpad.net doesn't quite have the equivalent yet, but the hard bits of doing the upgrade are out of the way and we'll be able to upgrade to Twisted 15.5.0 more or less as soon as it's released, which supports both the above key exchange algorithms.
 * upload.ubuntu.com and ppa.launchpad.net will be best tackled by converting txpkgupload from buildout to pip, which shouldn't take too long. After that, it will be in a similar state to git.launchpad.net.

The MAC changes still require upstream work. I think at least minimal SHA-2 support here will be pretty straightforward; the EtM modes will be a little harder but not intractably so.

I have no idea how much work would be required to add EC support, and I don't expect to focus on that for the moment.