ISM-1506 ASD Information Security Manual (ISM)

Disable SSH Version 1 for Security

SSH version 1 is turned off to improve security for SSH connections.

🏛️ Framework

ASD Information Security Manual (ISM)

🧭 Control effect

Preventative

🔐 Classifications

NC, OS, P, S, TS

🗓️ ISM last updated

Feb 2022

✏️ Control Stack last updated

22 Feb 2026

🎯 E8 maturity levels

N/A

Official control statement
The use of SSH version 1 is disabled for SSH connections.

Source: ASD Information Security Manual (ISM)

Plain language

This control means switching off the older version of a tool called SSH that lets people connect securely to computers over the internet. It matters because the older version has security holes that can let attackers in, which could allow someone to steal information or take control of your systems.

Why it matters

Enabling SSH version 1 exposes systems to man-in-the-middle attacks, risking interception or modification of sensitive data in transit.

Operational notes

Configure sshd to allow only protocol 2. Regularly audit sshd_config and run automated checks to detect SSH v1 being enabled.

Implementation tips

  • IT team should check all servers: Review which servers are using SSH connections to ensure none are using version 1. Use a network monitoring tool to identify these connections and make a list for updating.
  • System administrator should update configurations: Turn off SSH version 1 on servers by adjusting the server software settings. Follow the software provider’s guide to make this change and apply updates as necessary.
  • IT security lead should test the updates: After disabling SSH version 1, perform a security check to ensure connections are using the newer version. Use a network scanner to verify the change is active.
  • Manager should communicate changes: Inform all staff that the older SSH version will be turned off and explain how the change strengthens security. Provide guidance for anyone who connects remotely on how to access systems using the updated setup.
  • HR or IT trainer should plan a training session: Organise a short session for staff to show how to use the new SSH version for secure connections. Include a practical demonstration and a Q&A period at the end.
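
One way to automate the sshd_config audit from the operational notes and the post-change verification from the implementation tips is sketched below. It is an added example, not code from Control Stack or ASD. The function names, the sample hosts and the `ExampleSSHD` banners are hypothetical and constructed for illustration. The banner rule follows RFC 4253: a server identifying as `SSH-2.0-...` speaks version 2 only, while `SSH-1.99-...` means version 1 compatibility is still on.

```python
import re

# Identification string per RFC 4253: SSH-protoversion-softwareversion
BANNER_RE = re.compile(r"^SSH-(\d+\.\d+)-\S+")

def banner_allows_v1(banner):
    """True if the server identification string offers SSH protocol 1.
    2.0 = version 2 only; 1.99 = version 2 with version 1 compatibility;
    lower values such as 1.5 = version 1 only."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        raise ValueError("not an SSH identification string: %r" % banner)
    return m.group(1) != "2.0"

def protocol_setting(config_text):
    """Return the effective Protocol values from sshd_config text, or None.
    Keywords are case-insensitive and the first value read wins."""
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if parts[0].lower() == "match":
            break  # Protocol is a global keyword; stop at conditional blocks
        if parts[0].lower() == "protocol" and len(parts) == 2:
            return [v.strip().strip('"') for v in parts[1].split(",")]
    return None  # unset: the sshd build default applies, so check the banner too

def audit_host(config_text, banner):
    """Return a list of findings; an empty list means no SSH v1 exposure seen."""
    findings = []
    proto = protocol_setting(config_text)
    if proto and "1" in proto:
        findings.append("sshd_config enables protocol 1: Protocol " + ",".join(proto))
    if banner_allows_v1(banner):
        findings.append("banner offers protocol 1: " + banner.strip())
    return findings

# Constructed sample inputs (hypothetical hosts, not real scan data)
SAMPLES = {
    "legacy-host": ("Port 22\nProtocol 2,1\n", "SSH-1.99-ExampleSSHD_1.0\r\n"),
    "hardened-host": ("# Protocol 1\nprotocol 2\n", "SSH-2.0-ExampleSSHD_2.0\r\n"),
    "default-host": ("Port 22\n", "SSH-2.0-ExampleSSHD_2.0\r\n"),
}

if __name__ == "__main__":
    for host, (cfg, banner) in SAMPLES.items():
        print(host, audit_host(cfg, banner) or "OK")
```

The per-host findings can be kept with the change log as audit evidence; an empty list for every host corresponds to the "Good" outcomes listed under the audit tips.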

Audit / evidence tips

  • Ask: server configuration reports: Request a document showing which SSH versions are active on each server

    Good: The report lists only SSH version 2 or higher as active

  • Ask: records of changes made to the server configurations regarding SSH versions

    Good: A change log showing SSH version 1 removal with corresponding dates

  • Ask: network scan results: Request logs from recent network scans to check for SSH version use

    Good: A scan report listing no connections using SSH version 1

  • Ask: records of training sessions held on the new SSH version

    Good: A training record with dated attendance lists and covered topics

  • Ask: the communication plan: Request a copy of the plan or emails sent to inform staff about the SSH change

    Good: A plan or email detailing the change, its importance, and clear next steps for users

Cross-framework mappings

How ISM-1506 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.

These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.

ISO 27001

Partially meets (1)

  • Control: Annex A 8.20
    Notes: ISM-1506 requires organisations to disable SSH version 1 for SSH connections to reduce network-exposed cryptographic and protocol weaknesses
