With the steps shown here, you have the chance to adapt the SSH configuration to your own security needs. The following values should be active after a facrory reset of the ASA.

ASA-Intern# sh ssh
Timeout: 5 minutes
Version allowed: 1 outside outside-1 mgmt

With the next configuration lines, I optimise the already active configuration and bind the authentication to the local user database. Because I do not have a radius or Tacacs+ integrated at the moment.

ASA-Intern# conf t
ASA-Intern(config)# ssh timeout 10
ASA-Intern(config)# ssh version 2
ASA-Intern(config)# ssh key-exchange group dh-group14-sha1
ASA-Intern(config)# ssh stricthostkeycheck
ASA-Intern(config)# aaa authentication ssh console LOCAL

Looked again how the configuration now looks.

ASA-Intern# sh ssh
Timeout: 10 minutes
Version allowed: 2 outside outside-1 mgmt

The default settings set by Cisco are hidden. For this reason, the entire configuration has to be searched for the keyword ssh.

ASA-Intern# sh run all | i ssh
object service tcp-ssh pre-defined
service tcp destination eq ssh
aaa authentication ssh console LOCAL
ssh stricthostkeycheck
ssh outside
ssh outside-1
ssh mgmt
ssh timeout 10
ssh version 2
ssh key-exchange group dh-group14-sha1