In a fresh install of Access Manager 4.3 and later, the SSH server is configured only with strong ciphers. However, in an upgraded setup, reconfigure SSH to remove the weak ciphers.
Perform the following steps:
In /etc/ssh/sshd_config (server) and /etc/ssh/ssh_config (client), search for Ciphers. The following is the default configuration:
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
Uncomment this line and replace it with the following value:
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
Restart SSH by running the service sshd restart command.