In the field of cybersecurity, hash algorithms play a crucial role in ensuring data integrity and confidentiality. Among various hash functions available today, one of the most widely used algorithms is the Secure Hash Algorithm 1 (SHA-1). 

The primary vulnerability of SHA-1 is its collision resistance, which means that it is possible to find two different messages that produce the same hash value.  Therefore, it is recommended that SHA-1 be disabled on Security Analytics.

1. Log in as 'root' from an SSH terminal session.
   
   
2. Backup the /etc/ssh/sshd_config
   
   cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
   
   
3. Open /etc/ssh/sshd_config with VI (or other text editor).
   
   
4. Apply the below changes
   
   Remove hmac-sha1 from the MACs line (around line 149).  The resulting line should look like this:  
   
   MACs hmac-sha2-256,hmac-sha2-512
   
   Comment the HostKey /etc/ssh/ssh_host_rsa_key line by adding a # at the beginning of the line (around line 187).  The resulting line should look like this:
   
   #HostKey /etc/ssh/ssh_host_rsa_key
   
   Add ecdsa and ed25519 as HostKey parameters.  Add these as new lines to the bottom of the config file
   
   HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
   
   
5. Save the file.
6. Restart sshd service
   
   systemctl restart sshd

sha1