To disable RC4 and use secure ciphers on SSH server set the following in `/etc/ssh/sshd_config `

    Ciphers [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr

Make sure your ssh client can use these ciphers, run `ssh -Q cipher` to see the list.

You can also instruct you SSH Client to negotiate only secure ciphers with remote servers. In `/etc/ssh/ssh_config` set:

    Host *
        Ciphers [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr

Above snippets come from [here][1]  
To test your server's settings you can use [ssh-audit][2]


  [1]: https://stribika.github.io/2015/01/04/secure-secure-shell.html
  [2]: https://github.com/arthepsy/ssh-audit