Some of the security concerns, you may need to change SSH’s cipher/MAC and key algorithms. I added basic steps about how to change these configurations for Unix and Linux.
Check existing configuration
Check allowed ciphers, macs, and key algorithms before disable.
# sshd -T | grep "\(ciphers\|macs\|kexalgorithms\)" gssapikexalgorithms gss-gex-sha1-,gss-group1-sha1-,gss-group14-sha1- ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc macs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 kexalgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
Edit SSHD Configuration
You should disable ciphers and macs using the commands below. Remove macs and ciphers that you don’t want to allow then save the file. If there is no ciphers and macs configuration on the SSHD config file, add a new line to the end of the file.
#vi /etc/ssh/sshd_config ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc macs hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512
#service sshd restart
Check the new configuration
# sshd -T | grep "\(ciphers\|macs\|kexalgorithms\)"