SSH FIPS mode macs should be updated

Description

The logic in the ssh::server:arams class really needs to be evaluated. First it can probably be moved to module data going forward, but secondly the FIPs ciphers are still set to hmac-sha1, hmac-sha2-256; which by specification are not entirely invalid; however, they should be moved to the stronger set of macs

$macs = [
'hmac-sha2-512-etm@openssh.com',
'hmac-sha2-256-etm@openssh.com',
'hmac-sha2-512',
'hmac-sha2-256'
]

something like the above, which are actually set as the non-FIPS macs for newer systems (EL7+)

Acceptance Criteria

None

Epic Link

None

Story Points

None

Components

Affects versions

Priority

Medium
Configure