SSH-Audit failing


I’ve been attempting to harden my SSH setup with this audit due to this machine being exposed to the internet, however despite specifying my host-key algorithm for some reason ssh-rsa (4096-bit) and ecdsa-sha2-nistp256 keep showing up as being used.

Only thing I changed was adding this to my sshd_config file.

KexAlgorithms curve25519-sha256,,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256

Anything else I need to add or remove elsewhere? Thanks!