Is there a way to restrict IOS ssh server to only accept certain ciphers?

For example, let's say I want to allow 3DES but not DES. Can I do that? I don't see any options in the IOS Security Configuration Guide or Reference, or in the O'Reilly IOS Cookbook...

Thanks in advance, Heath


Heath Roberts wrote:

You have control over the version of SSH used on the Cisco device. e.g.: ip ssh version 2

I just did a capture and found the following on the Server Key Exchange, which suggests that the SSHv2 on my device doesn't support single DES:

Take a look and see if you agree:

SSH Protocol
  SSH Version 2
    Packet Length: 276
    Padding Length: 4
    Key Exchange
      Msg code: Key Exchange Init (20)
      Algorithms
        Cookie: A19351FD6DAA335B5A7EED46E647C9FB
        kex_algorithms length: 26
        kex_algorithms string: diffie-hellman-group1-sha1
        server_host_key_algorithms length: 7
        server_host_key_algorithms string: ssh-rsa
        encryption_algorithms_client_to_server length: 41
        encryption_algorithms_client_to_server string: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
        encryption_algorithms_server_to_client length: 41
        encryption_algorithms_server_to_client string: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
        mac_algorithms_client_to_server length: 43
        mac_algorithms_client_to_server string: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
        mac_algorithms_server_to_client length: 43
        mac_algorithms_server_to_client string: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
        compression_algorithms_client_to_server length: 4
        compression_algorithms_client_to_server string: none
        compression_algorithms_server_to_client length: 4
        compression_algorithms_server_to_client string: none
        languages_client_to_server length: 0
        languages_server_to_client length: 0
        Payload: 0000000000
    Padding String:

Best Regards, News Reader

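One way to get the positive control Heath is after, added here as an example and not code from the thread: parse the SSH_MSG_KEXINIT the server sends (the message dissected above) and compare every offered name against an allow-list, so an unexpected cipher is flagged instead of quietly negotiated. It assumes Python 3 and the RFC 4253 wire layout; the sample payload is constructed from the name-lists in the capture, and the allow-list and the field names are the example's own choices.

```python
import struct

SSH_MSG_KEXINIT = 20
# KEXINIT name-lists in wire order (RFC 4253 s7.1), after the message code and 16-byte cookie.
KEXINIT_FIELDS = ("kex_algorithms", "server_host_key_algorithms") + tuple(
    f"{kind}_{d}" for kind in ("encryption_algorithms", "mac_algorithms",
                               "compression_algorithms", "languages")
    for d in ("client_to_server", "server_to_client"))

def build_kexinit(lists, cookie=b"\x00" * 16):
    """Serialize a KEXINIT payload from {field: [names]}; missing fields are empty."""
    out = bytes([SSH_MSG_KEXINIT]) + cookie
    for field in KEXINIT_FIELDS:
        names = ",".join(lists.get(field, [])).encode("ascii")
        out += struct.pack(">I", len(names)) + names  # uint32 length, then name-list
    return out + b"\x00" + b"\x00\x00\x00\x00"  # first_kex_packet_follows, reserved

def parse_kexinit(payload):
    """Parse a KEXINIT payload back into {field: [names]}."""
    if not payload or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, lists = 1 + 16, {}
    for field in KEXINIT_FIELDS:
        (length,) = struct.unpack(">I", payload[pos:pos + 4])
        raw = payload[pos + 4:pos + 4 + length].decode("ascii")
        lists[field] = raw.split(",") if raw else []
        pos += 4 + length
    return lists

def policy_violations(lists, allowed):
    """Return (field, name) for every offered name outside the allow-list."""
    return [(field, name) for field, names in lists.items()
            if field in allowed for name in names if name not in allowed[field]]

# Constructed sample: the name-lists the IOS server offered in the capture above.
CIPHERS = ["aes128-cbc", "3des-cbc", "aes192-cbc", "aes256-cbc"]
MACS = ["hmac-sha1", "hmac-sha1-96", "hmac-md5", "hmac-md5-96"]
IOS_OFFER = build_kexinit({
    "kex_algorithms": ["diffie-hellman-group1-sha1"],
    "server_host_key_algorithms": ["ssh-rsa"],
    "encryption_algorithms_client_to_server": CIPHERS,
    "encryption_algorithms_server_to_client": CIPHERS,
    "mac_algorithms_client_to_server": MACS,
    "mac_algorithms_server_to_client": MACS,
    "compression_algorithms_client_to_server": ["none"],
    "compression_algorithms_server_to_client": ["none"],
})
# The poster's policy as an allow-list: 3DES and AES may be offered, single DES may not.
POLICY = {f: {"3des-cbc", "aes128-cbc", "aes192-cbc", "aes256-cbc"} for f in
          ("encryption_algorithms_client_to_server", "encryption_algorithms_server_to_client")}
```

Serialised, the sample comes to 271 bytes, which is the capture's packet length of 276 less the padding-length byte and the 4 bytes of padding, so the reconstruction is consistent with what the device actually sent.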

Thanks. Restricting to v2 had occurred to me, since I don't think DES is typically included, but I don't see that formally spelled out anywhere, and I would prefer more positive control--what would we do if one of the other protocols is broken in the near future?

Any other options folks can think of?

