I have a security audit program that has flagged this for my Manage Engine server
I have several products running on the same server.
1. Remove arcfour, arcfour128, and arcfour256 from the Ciphers list specified in sshd_config
2. Remove ssh-diffie-hellman-group1-sha1 from the KexAlgorithms
3. Disable any insecure MD5 or 96-bit HMAC algorithms within the SSH configuration.