Information
System-wide Crypto policy can be over-ridden or opted out of for openSSH
Rationale:
Over-riding or opting out of the system-wide crypto policy could allow for the use of less secure Ciphers, MACs, KexAlgorithms and GSSAPIKexAlgorithm
Solution
Run the following commands:
# sed -ri 's/^s*(CRYPTO_POLICYs*=.*)$/# 1/' /etc/sysconfig/sshd
# systemctl reload sshd
Additional Information:
NIST SP 800-53 Rev. 5:
SC-8