Hardening SSH MAC algorithms
    Hello,
I have a security requirement to disable all 96-bit and MD5 hash algorithms in SSH.

    The MAC algorithms that are considered secure are:
    hmac-sha2-512-etm@openssh.com
    hmac-sha2-256-etm@openssh.com
    umac-128-etm@openssh.com
    hmac-sha2-512
    hmac-sha2-256
    umac-128@openssh.com

The SSH version installed in RHEL 7.3 appears to be OpenSSH 6.6. The command "sshd -T | grep macs" shows the supported MAC algorithms, and all of the above are included (plus a bunch of the MD5 and 96-bit algorithms).

    If I add a "macs" line to "/etc/ssh/sshd_config" to include just the secure algorithms above (by default there is no "macs" line added to sshd_config), the clients can't connect to the ssh server; I never get a login prompt; it just immediately drops the connection.

The client being used to connect is the most recent version of PuTTY. I also tested it with a current trial commercial version of SSH and also a Tectia client, and get the same result from all of them.

    I think I just must be missing an important step - any suggestions?

    Paul
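A checker for the two facts the post turns on: which of the MACs the server currently offers are MD5 or 96-bit, and whether every MAC on the intended allow-list is actually offered by the server (a restricted list that names nothing the server supports leaves no algorithm to negotiate). This is an added example, not code from the post or from Red Hat; the `macs` line below is a constructed sample of the kind of output `sshd -T | grep macs` prints on an OpenSSH 6.6 host, not captured from the poster's system, and the function names are mine.

```shell
#!/bin/sh
# Constructed sample of a "sshd -T | grep macs" line; replace it with the real
# output on the host being hardened.
SAMPLE_MACS_LINE='macs hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96'

# The allow-list from the post, in sshd_config's comma-separated form.
ALLOWED='hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com'

# weak_macs LINE
#   Print, one per line, the MACs in a "macs ..." line that are MD5-based or
#   truncated to 96 bits (the two families the requirement forbids).
weak_macs() {
    printf '%s\n' "${1#macs }" | tr ',' '\n' | grep -E -- '-md5|-96'
}

# missing_from_server ALLOWED LINE
#   Print every MAC in the allow-list that the server does not offer. Output
#   should be empty before the allow-list goes into sshd_config.
missing_from_server() {
    offered=$(printf '%s\n' "${2#macs }" | tr ',' '\n')
    printf '%s\n' "$1" | tr ',' '\n' | while read -r m; do
        printf '%s\n' "$offered" | grep -qxF -- "$m" || printf '%s\n' "$m"
    done
}

# Stand-alone run: report what would be disabled and whether the allow-list fits.
echo "MACs that the requirement forbids:"
weak_macs "$SAMPLE_MACS_LINE"
echo "Allowed MACs not offered by this server (should be empty):"
missing_from_server "$ALLOWED" "$SAMPLE_MACS_LINE"
```

The allow-list becomes one line in `/etc/ssh/sshd_config`, `MACs` followed by the comma-separated names (sshd_config keywords are case-insensitive); `sshd -t` then checks that the file parses, and `sshd -T | grep -i macs` shows the list the daemon will actually offer after a restart. Note that the checker covers the requirement as stated (MD5 and 96-bit); `umac-64` variants, for example, are neither and so are not flagged.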


    © 2025 Red Hat