diff --git a/windows/nanoserver/Dockerfile b/windows/nanoserver/Dockerfile
index a89107d2..f983b3eb 100644
--- a/windows/nanoserver/Dockerfile
+++ b/windows/nanoserver/Dockerfile
@@ -95,7 +95,7 @@ ENV JENKINS_AGENT_USER ${user}
 ENV JENKINS_AGENT_WORK ${JENKINS_AGENT_WORK}
 
 # Setup SSH server
-ARG OPENSSH_VERSION=V8.6.0.0p1-Beta
+ARG OPENSSH_VERSION=v9.5.0.0p1-Beta
 RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; `
     $url = 'https://github.com/PowerShell/Win32-OpenSSH/releases/download/{0}/OpenSSH-Win64.zip' -f $env:OPENSSH_VERSION ; `
     Write-Host "Retrieving $url..." ; `
@@ -103,8 +103,10 @@ RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tl
     Expand-Archive c:/openssh.zip 'C:/Program Files' ; `
     Remove-Item C:/openssh.zip ; `
     $env:PATH = '{0};{1}' -f $env:PATH,'C:\Program Files\OpenSSH-Win64' ; `
-    & 'C:/Program Files/OpenSSH-Win64/Install-SSHd.ps1' ; `
     if(!(Test-Path 'C:\ProgramData\ssh')) { New-Item -Type Directory -Path 'C:\ProgramData\ssh' | Out-Null } ; `
+    icacls 'C:\ProgramData\ssh' /inheritance:d ; `
+    icacls 'C:\ProgramData\ssh' /remove 'CREATOR OWNER' ; `
+    & 'C:/Program Files/OpenSSH-Win64/Install-SSHd.ps1' ; `
     Copy-Item 'C:\Program Files\OpenSSH-Win64\sshd_config_default' 'C:\ProgramData\ssh\sshd_config' ; `
     $content = Get-Content -Path "C:\ProgramData\ssh\sshd_config" ; `
     $content | ForEach-Object { $_ -replace '#PermitRootLogin.*','PermitRootLogin no' `
diff --git a/windows/windowsservercore/Dockerfile b/windows/windowsservercore/Dockerfile
index dfba4c8d..3ca59147 100644
--- a/windows/windowsservercore/Dockerfile
+++ b/windows/windowsservercore/Dockerfile
@@ -83,7 +83,7 @@ RUN $CurrentPath = (Get-Itemproperty -path 'hklm:\system\currentcontrolset\contr
     & C:\mingit\cmd\git.exe lfs install
 
 # Setup SSH server
-ARG OPENSSH_VERSION=V8.6.0.0p1-Beta
+ARG OPENSSH_VERSION=v9.5.0.0p1-Beta
 RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; `
     $url = 'https://github.com/PowerShell/Win32-OpenSSH/releases/download/{0}/OpenSSH-Win64.zip' -f $env:OPENSSH_VERSION ; `
     Write-Host "Retrieving $url..." ; `