How can I enable back diffie-hellman-group1-sha1 for SSH connection for Amazon Linux 2023?


How can I enable back diffie-hellman-group1-sha1 for SSH connection for Amazon Linux 2023? AMI: al2023-ami-2023.1.20230912.0-kernel-6.1-x86_64

I have an old version of SecureCRT. It doesn't support newer KexAlgorithms. I understand this is less secure, and this is not a production EC2.

I've tried to set update-crypto-policies --set LEGACY and edit the back-end linked file opensshserver, adding diffie-hellman-group1-sha1 to KexAlgorithms,

and added KexAlgorithms +diffie-hellman-group1-sha1 to /etc/ssh/sshd_config,

but I'm still not able to log in. The error shows: Key exchange failed. No compatible hostkey. The server supports these methods: ecdsa-sha2-nistp256,ssh-ed25519

Detailed logs here:

[LOCAL] : SSH2Core version 7.2.0.606
[LOCAL] : Connecting to 13.212.76.239:22 ...
SecureCRT - Version 7.2.6 (x64 build 606)
Initializing Firewall[HTTP]: sgsinx05-proxy.apac.nsn-net.net:8080
[LOCAL] : Changing state from STATE_NOT_CONNECTED to STATE_EXPECT_KEX_INIT
[LOCAL] : Using protocol SSH2
[LOCAL] : RECV : Remote Identifier = 'SSH-2.0-OpenSSH_8.7'
[LOCAL] : CAP : Remote can re-key
[LOCAL] : CAP : Remote sends language in password change requests
[LOCAL] : CAP : Remote sends algorithm name in PK_OK packets
[LOCAL] : CAP : Remote sends algorithm name in public key packets
[LOCAL] : CAP : Remote sends algorithm name in signatures
[LOCAL] : CAP : Remote sends error text in open failure packets
[LOCAL] : CAP : Remote sends name in service accept packets
[LOCAL] : CAP : Remote includes port number in x11 open packets
[LOCAL] : CAP : Remote uses 160 bit keys for SHA1 MAC
[LOCAL] : CAP : Remote supports new diffie-hellman group exchange messages
[LOCAL] : CAP : Remote correctly handles unknown SFTP extensions
[LOCAL] : CAP : Remote correctly encodes OID for gssapi
[LOCAL] : CAP : Remote correctly uses connected addresses in forwarded-tcpip requests
[LOCAL] : CAP : Remote can do SFTP version 4
[LOCAL] : CAP : Remote x.509v3 uses ASN.1 encoding for DSA signatures
[LOCAL] : CAP : Remote correctly handles zlib@openssh.com
[LOCAL] : SSPI : Requesting full delegation
[LOCAL] : SSPI : [Kerberos] SPN : host@13.212.76.239
[LOCAL] : SSPI : [Kerberos] InitializeSecurityContext() failed.
[LOCAL] : SSPI : [Kerberos] The specified target is unknown or unreachable
[LOCAL] : SSPI : [Kerberos] Disabling gss mechanism
[LOCAL] : GSS : Requesting full delegation
[LOCAL] : GSS : [Kerberos] SPN : host@13.212.76.239
[LOCAL] : GSS : [Kerberos] InitializeSecurityContext() failed.
[LOCAL] : GSS : [Kerberos] Could not load library 'gssapi64.dll': The specified module could not be found.
[LOCAL] : GSS : [Kerberos] Disabling gss mechanism
[LOCAL] : GSS : [Kerberos] Disabling gss mechanism
[LOCAL] : The following key exchange method has been filtered from the key exchange method list because it is not supported: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==
[LOCAL] : SSPI : Requesting full delegation
[LOCAL] : SSPI : [Kerberos (Group Exchange)] SPN : host@13.212.76.239
[LOCAL] : SSPI : [Kerberos (Group Exchange)] InitializeSecurityContext() failed.
[LOCAL] : SSPI : [Kerberos (Group Exchange)] The specified target is unknown or unreachable
[LOCAL] : SSPI : [Kerberos (Group Exchange)] Disabling gss mechanism
[LOCAL] : GSS : Requesting full delegation
[LOCAL] : GSS : [Kerberos (Group Exchange)] SPN : host@13.212.76.239
[LOCAL] : GSS : [Kerberos (Group Exchange)] InitializeSecurityContext() failed.
[LOCAL] : GSS : [Kerberos (Group Exchange)] Could not load library 'gssapi64.dll': The specified module could not be found.
[LOCAL] : GSS : [Kerberos (Group Exchange)] Disabling gss mechanism
[LOCAL] : GSS : [Kerberos (Group Exchange)] Disabling gss mechanism
[LOCAL] : The following key exchange method has been filtered from the key exchange method list because it is not supported: gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==
[LOCAL] : SEND : KEXINIT
[LOCAL] : RECV : Read kexinit
[LOCAL] : Available Remote Kex Methods = curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
[LOCAL] : Selected Kex Method = diffie-hellman-group-exchange-sha1
[LOCAL] : Available Remote Host Key Algos = ecdsa-sha2-nistp256,ssh-ed25519
[LOCAL] : Selected Host Key Algo =
[LOCAL] : Available Remote Send Ciphers = aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc,3des-cbc
[LOCAL] : Selected Send Cipher = aes256-ctr
[LOCAL] : Available Remote Recv Ciphers = aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc,3des-cbc
[LOCAL] : Selected Recv Cipher = aes256-ctr
[LOCAL] : Available Remote Send Macs = hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
[LOCAL] : Selected Send Mac = hmac-sha1
[LOCAL] : Available Remote Recv Macs = hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
[LOCAL] : Selected Recv Mac = hmac-sha1
[LOCAL] : Available Remote Compressors = none,zlib@openssh.com
[LOCAL] : Selected Compressor = none
[LOCAL] : Available Remote Decompressors = none,zlib@openssh.com
[LOCAL] : Selected Decompressor = none
[LOCAL] : SEND: Disconnect packet: Key exchange failed.
[LOCAL] : Changing state from STATE_EXPECT_KEX_INIT to STATE_SEND_DISCONNECT
[LOCAL] : Changing state from STATE_SEND_DISCONNECT to STATE_CLOSED
[LOCAL] : Connected for 0 seconds, 721 bytes sent, 1085 bytes received
[LOCAL] : Stream has closed
[CLOSE_TYPE_NONSPECIFIC] : Key exchange failed. No compatible hostkey. The server supports these methods: ecdsa-sha2-nistp256,ssh-ed25519

Key exchange failed. No compatible hostkey. The server supports these methods: ecdsa-sha2-nistp256,ssh-ed25519

  • Perhaps a stupid question, but you did restart the OpenSSH daemon on the server after reconfiguring it to support legacy key exchanges? Also, please make sure you secure your EC2 instance with appropriate security groups if you enable the legacy key exchange. SHA-1 can be considered broken today.

  • I have been battling this exact same issue and tried the same things you did with no success. Were you ever able to find a solution to this?

asked 7 months ago, 98 views
No Answers
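What the trace in the question actually shows, as an added triage example that is not part of the question, the comments, or anything from AWS: the key-exchange stage already succeeds (the server now offers diffie-hellman-group1-sha1 and the client settled on diffie-hellman-group-exchange-sha1), so the LEGACY policy change did take effect for KexAlgorithms. The negotiation breaks one stage later, at the host-key algorithm: the server offers ecdsa-sha2-nistp256 and ssh-ed25519 and the client selects nothing ("Selected Host Key Algo =" is empty), which is exactly the "No compatible hostkey" message. The script below parses a SecureCRT-style trace, collects each negotiation stage, and reports the stage at which the client accepted none of the server's offer. The sample trace is a constructed subset of the question's log, and the function names (parse_negotiation, diagnose) are this example's own.

```python
"""Triage a SecureCRT SSH2 trace: find the negotiation stage that failed.

Added example, not from the re:Post question or from AWS. The sample trace
below is a constructed subset of the log in the question, one entry per line.
"""
import re
import sys
from typing import Dict, List, Optional

# Constructed sample: the negotiation lines from the question's trace.
SAMPLE_TRACE = """\
[LOCAL] : RECV : Remote Identifier = 'SSH-2.0-OpenSSH_8.7'
[LOCAL] : Available Remote Kex Methods = curve25519-sha256,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
[LOCAL] : Selected Kex Method = diffie-hellman-group-exchange-sha1
[LOCAL] : Available Remote Host Key Algos = ecdsa-sha2-nistp256,ssh-ed25519
[LOCAL] : Selected Host Key Algo =
[LOCAL] : Available Remote Send Ciphers = aes256-gcm@openssh.com,aes256-ctr
[LOCAL] : Selected Send Cipher = aes256-ctr
[LOCAL] : SEND: Disconnect packet: Key exchange failed.
"""

# SecureCRT labels the offer in the plural ("Kex Methods") and the selection in
# the singular ("Kex Method"); the optional trailing "s" folds both into one stage.
ENTRY_RE = re.compile(
    r"\[LOCAL\] : (?P<kind>Available Remote|Selected) "
    r"(?P<stage>[A-Za-z ]+?)s? = ?(?P<value>.*)$"
)


def parse_negotiation(trace: str) -> Dict[str, Dict[str, object]]:
    """Return {stage: {"offered": [algs...], "selected": alg or None}}.

    A stage whose offer was seen but whose selection is None is one the
    client could not satisfy from the server's list.
    """
    stages: Dict[str, Dict[str, object]] = {}
    for raw in trace.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        entry = stages.setdefault(m["stage"], {"offered": [], "selected": None})
        if m["kind"] == "Available Remote":
            entry["offered"] = [a for a in m["value"].split(",") if a]
        else:
            # An empty right-hand side means the client picked nothing.
            entry["selected"] = m["value"].strip() or None
    return stages


def diagnose(trace: str) -> List[str]:
    """List the stages where the client accepted none of the server's offer."""
    failures: List[str] = []
    for stage, entry in parse_negotiation(trace).items():
        offered: List[str] = entry["offered"]  # type: ignore[assignment]
        if offered and entry["selected"] is None:
            failures.append(f"{stage}: client accepted none of {','.join(offered)}")
    return failures


def summarize(trace: str) -> str:
    """Human-readable report: every stage's outcome, then the failing stage(s)."""
    lines = []
    for stage, entry in parse_negotiation(trace).items():
        picked: Optional[str] = entry["selected"]  # type: ignore[assignment]
        lines.append(f"{stage:16s} -> {picked or '(none selected)'}")
    failures = diagnose(trace)
    lines.append("FAIL: " + "; ".join(failures) if failures else "OK: all stages negotiated")
    return "\n".join(lines)


if __name__ == "__main__":
    # Pass a saved SecureCRT trace as the first argument, or run on the sample.
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_TRACE
    print(summarize(text))
```

Pinning the failure to the host-key stage changes which server setting matters: KexAlgorithms in sshd_config is not the limiting factor in this trace, the host key types the server offers are. The comment above about restricting the instance's security group applies to any relaxation of the server's offer; the remedy that does not weaken the server is a client that accepts ecdsa-sha2-nistp256 or ssh-ed25519.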
