Here are the commands you’ll need to harden SSH on your Mikrotik Routers. It looks like it still can use SSH-RSA, but it does get rid of most of the weaker crytpo algorithms.
/ip/ssh/set strong-crypto=yes allow-none-crypto=no always-allow-password-login=no host-key-size=4096
We’ll want to regenerate the Host Key now that the settings have been changed.
It will prompt to enter [y/N] to confirm that you actually want to regenerate the host key. Hit y
After your done, you can use something like ssh-audit to check your equipment.
Further hardening information is available at the following link.