I can see that I can the option reorder/prioritize SSH Encryption Ciphers in the Advanced Site Settings | SSH | Encryption Options. But, to ensure client-server handshake using FIPS 140-2 approved ciphers, I'd like to disable ciphers locally. I can't control external data services providers, but I can, hopefully, control what I'm willing to negotiate to. Is this possible?
Move the ciphers, you do not want to use, below the "warn below here" line.
You can then choose to reject the connection, if there's no cipher, you are willing to use, available.