Information
MD5 and 96-bit MAC algorithms are considered weak and have been shown to increase exploitability in SSH downgrade attacks. Weak algorithms continue to have a great deal of attention as a weak spot that can be exploited with expanded computing power. An attacker that breaks the algorithm could take advantage of a MiTM position to decrypt the SSH tunnel and capture credentials and information
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
Edit the /etc/ssh/sshd_config file to set the parameter in accordance with site policy. The following includes all supported and accepted MACs: MACs hmac-sha2-512,hmac-sha2-256