AES256-ctr was just added in ASA software version 9.1(2). I don't believe the ssh encryption type is configurable in the ASA ssh server. You need to specify it in the client - I did verify it will connect when yo do that (see output below).
SSL encyption ciphers can be specified to exclude the weak ciphersuites.
# sh ssh session det
SSH Session ID : 1 Client IP : <deleted> Username : <deleted> SSH Version : 2.0 State : SessionStarted Inbound Statistics Encryption : aes256-ctr HMAC : sha1 Bytes Received : 1824 Outbound Statistics Encryption : aes256-ctr HMAC : sha1 Bytes Transmitted : 5632 Rekey Information Time Remaining (sec) : 3277 Data Remaining (bytes): 996142580 Last Rekey : 07:12:38.807 UTC Tue May 20 2014 Data-Based Rekeys : 0 Time-Based Rekeys : 0
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...