diff --git a/builtin/logical/ssh/util.go b/builtin/logical/ssh/util.go
index 4c924758f..afc4997ec 100644
--- a/builtin/logical/ssh/util.go
+++ b/builtin/logical/ssh/util.go
@@ -171,6 +171,7 @@ func createSSHComm(logger log.Logger, username, ip string, port int, hostkey str
 			ssh.PublicKeys(signer),
 		},
 		HostKeyCallback: insecureIgnoreHostWarning(logger),
+		Timeout:         1 * time.Minute,
 	}
 
 	connfunc := func() (net.Conn, error) {
diff --git a/changelog/15440.txt b/changelog/15440.txt
new file mode 100644
index 000000000..36e0c7944
--- /dev/null
+++ b/changelog/15440.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+secrets/ssh: Add connection timeout of 1 minute for outbound SSH connection in deprecated Dynamic SSH Keys mode.
+```