I haven’t tried it with Duplicati myself yet, but it does seem like your KEX and MAC choices have no matches with what is available in the SSH library that Duplicati uses:
Wonder if it would work if you enabled this KEX: diffie-hellman-group-exchange-sha256 and this MAC: hmac-sha2-256 (or hmac-sha2-512)
But per my previous message I am not sure if there are vulnerabilities with any of those. (I know to avoid MD5 and SHA1 stuff…)