I don't know of any existing SMG specific how-to/tutorial and I don't think I could fit everything into a forum post, so I'll try to cut this down as much as possible.
Here is the "proposed" list from an SMG running 10.7.5 that is using the "default" (i.e. you haven't used sshd-config to change anything) and the
KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
I have highlighted the one you are concerned about as well as the group14, which is still considered "OK", but you may want to exclude as well.
so you are looking at something like:
[10.7.5-4]> sshd-config -k 'curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256'
Previous setting for KexAlgorithms:
default
New setting for KexAlgorithms:
curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
Do you wish to make this change? (yes/no) yes
At which time your existing ssh session will be killed, due to sshd daemon restart, and you will have to re-login and you can run the sshd-config -v to see how things look...
[10.7.5-4]> sshd-config -v
Attribute 'protocol' is set to 'default'.
Attribute 'ciphers' is set to '3des-cbc,blowfish-cbc,cast128-cbc,aes128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr'.
Attribute 'macs' is set to 'hmac-sha2-256,hmac-sha2-512'.
Attribute 'kexalgorithms' is set to 'curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256'
To verify that things are working the way you expect, go to another Unix/Linux box that has the ssh client installed and try to access your SMG using one of the deleted key exchange algorithms:
[tpa-nut80 ~]$ ssh -ladmin -o'kexAlgorithms diffie-hellman-group-exchange-sha1' mysmg
Unable to negotiate with 10.33.24.123 port 22: no matching key exchange method found. Their offer: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
One more time with something that "should" work:
tpa-nut80 ~]$ ssh -l admin -o'kexAlgorithms diffie-hellman-group-exchange-sha256' mysmg
admin@10.33.24.123's password:
Last login: Mon Dec 6 17:07:58 2021 from 10.230.0.131
[10.7.5-4]>
Hopefully this gets you where you want to be!