Unable to ssh FTD from inside IP

mg.patel.tech
Level 1

I am able to ssh to the inside IP address from a separate SecureCRT session. But when I ssh from a Cisco ISR4331 router I am getting the following error: [Connection to IPADDRESS aborted: error status 0]. I did confirm the Data Interface is allowing the Inside interface with HTTPS and SSH.

8 Replies

Marvin Rhoads
Hall of Fame

Is the router traffic coming in via the inside interface or is it on the outside of the FTD device? Generally speaking, you cannot ssh to an inside interface if the originator is on the outside.

So the router's g0/0 and the FTD's INSIDE interface are in the same subnet.

I am able to ssh with the inside IP address when I create a new session on SecureCRT.

I think there is something with the cipher on the router or the FTD.

If your ISR isn't running current software or isn't set up properly for ssh security it may indeed have issues logging in to a newer FTD device. An ssh debug or packet capture will generally highlight if there is an issue establishing secure cipher agreement.
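The cipher-agreement check in the reply above comes down to the SSH_MSG_KEXINIT each side sends right after the version banners (RFC 4253, section 7.1): if any of the name-lists has no entry in common, the client aborts before authentication. The following is an added example, not code from this thread or from Cisco: a small Python parser for KEXINIT packets plus a replay of the negotiation rule, run over constructed offers. The algorithm lists (a "legacy" client offering only group1 and CBC ciphers, a "modern" client, and a server offer) are illustrative assumptions, not real ISR4331 or FTD defaults.

```python
"""Decode SSH_MSG_KEXINIT and replay algorithm negotiation (RFC 4253 7.1).
The offers at the bottom are constructed for illustration only."""
import struct

SSH_MSG_KEXINIT = 20

# The ten name-lists carried in KEXINIT, in wire order.
KEXINIT_LISTS = (
    "kex_algorithms",
    "server_host_key_algorithms",
    "encryption_algorithms_client_to_server",
    "encryption_algorithms_server_to_client",
    "mac_algorithms_client_to_server",
    "mac_algorithms_server_to_client",
    "compression_algorithms_client_to_server",
    "compression_algorithms_server_to_client",
    "languages_client_to_server",
    "languages_server_to_client",
)


def _read_name_list(buf, off):
    """Read one SSH name-list: uint32 length + comma-separated ASCII names."""
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    raw = buf[off:off + n].decode("ascii")
    return [name for name in raw.split(",") if name], off + n


def build_kexinit(offer, cookie=b"\x00" * 16):
    """Encode {list-name: [names]} as a full pre-encryption SSH binary packet
    (uint32 packet_length, byte padding_length, payload, padding).
    Used here only to construct sample input; a real cookie is random."""
    payload = bytes([SSH_MSG_KEXINIT]) + cookie
    for field in KEXINIT_LISTS:
        names = ",".join(offer.get(field, [])).encode("ascii")
        payload += struct.pack(">I", len(names)) + names
    payload += b"\x00"                  # first_kex_packet_follows = FALSE
    payload += struct.pack(">I", 0)     # reserved
    # Total length must be a multiple of 8 (block size before KEX) with
    # at least 4 bytes of padding.
    padlen = 8 - ((5 + len(payload)) % 8)
    if padlen < 4:
        padlen += 8
    return (struct.pack(">IB", 1 + len(payload) + padlen, padlen)
            + payload + b"\x00" * padlen)


def parse_kexinit(packet):
    """Decode a KEXINIT binary packet into {list-name: [names]}."""
    (packet_length,) = struct.unpack_from(">I", packet, 0)
    padding_length = packet[4]
    payload = packet[5:4 + packet_length - padding_length]
    if payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not SSH_MSG_KEXINIT: type %d" % payload[0])
    off = 17                            # message type + 16-byte cookie
    offer = {}
    for field in KEXINIT_LISTS:
        offer[field], off = _read_name_list(payload, off)
    return offer


def negotiate(client, server):
    """RFC 4253 rule: per list, the first client entry the server also
    offers wins; None means the two sides have nothing in common."""
    chosen = {}
    for field in KEXINIT_LISTS[:8]:     # language lists never fail the KEX
        common = [a for a in client.get(field, []) if a in server.get(field, [])]
        chosen[field] = common[0] if common else None
    return chosen


def failing_lists(client, server):
    """Names of the lists on which negotiation would fail."""
    return [f for f, v in negotiate(client, server).items() if v is None]


# Constructed sample offers (assumptions, not real device defaults).
LEGACY_CLIENT = {
    "kex_algorithms": ["diffie-hellman-group1-sha1"],
    "server_host_key_algorithms": ["ssh-rsa"],
    "encryption_algorithms_client_to_server": ["aes128-cbc", "3des-cbc"],
    "encryption_algorithms_server_to_client": ["aes128-cbc", "3des-cbc"],
    "mac_algorithms_client_to_server": ["hmac-sha1"],
    "mac_algorithms_server_to_client": ["hmac-sha1"],
    "compression_algorithms_client_to_server": ["none"],
    "compression_algorithms_server_to_client": ["none"],
}
MODERN_CLIENT = dict(LEGACY_CLIENT, **{
    "kex_algorithms": ["diffie-hellman-group14-sha256", "diffie-hellman-group1-sha1"],
    "encryption_algorithms_client_to_server": ["aes128-ctr", "aes256-ctr"],
    "encryption_algorithms_server_to_client": ["aes128-ctr", "aes256-ctr"],
    "mac_algorithms_client_to_server": ["hmac-sha2-256"],
    "mac_algorithms_server_to_client": ["hmac-sha2-256"],
})
SERVER_OFFER = {
    "kex_algorithms": ["curve25519-sha256", "ecdh-sha2-nistp256",
                       "diffie-hellman-group14-sha256"],
    "server_host_key_algorithms": ["ssh-rsa", "ecdsa-sha2-nistp256"],
    "encryption_algorithms_client_to_server": ["aes128-ctr", "aes256-ctr"],
    "encryption_algorithms_server_to_client": ["aes128-ctr", "aes256-ctr"],
    "mac_algorithms_client_to_server": ["hmac-sha2-256", "hmac-sha1"],
    "mac_algorithms_server_to_client": ["hmac-sha2-256", "hmac-sha1"],
    "compression_algorithms_client_to_server": ["none"],
    "compression_algorithms_server_to_client": ["none"],
}
SERVER_PACKET = build_kexinit(SERVER_OFFER)   # stands in for bytes from a capture

if __name__ == "__main__":
    server = parse_kexinit(SERVER_PACKET)
    print("legacy client fails on:", failing_lists(LEGACY_CLIENT, server))
    print("modern client fails on:", failing_lists(MODERN_CLIENT, server))
```

To use it against a real session, copy the TCP payload of the server's KEXINIT (the first binary packet after the "SSH-2.0-..." banner) out of the capture and pass those bytes to parse_kexinit; compare the result with the client's own offer, which an ssh client debug prints. Any list that comes back None from negotiate is the one to fix on whichever side is easier to change.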

I tried to run a debug on the ASA 5508 using the debug ssh command, and when I try to ssh to the firewall I am not getting any debug output.

Can you share the ASA ssh config ("show run ssh")?

Is the source IP of the session from the ISR in the same allowed subnet as the source of your SecureCRT session?

Can you confirm with packet capture that you see the traffic from the ISE coming to the ASA inside interface?

Can you share the ASA ssh config ("show run ssh")?

MC-AR-FTD# sh run ssh
ssh 0.0.0.0 0.0.0.0 inside
ssh 0.0.0.0 0.0.0.0 outside-sec

Is the source IP of the session from the ISR in the same allowed subnet as the source of your SecureCRT session?

That is correct.

Can you confirm with packet capture that you see the traffic from the ISE coming to the ASA inside interface?

1: 04:40:19.782338 XXXX.XXXX.XXXX XXXX.XXXX.XXXX 0x0800 Length: 58
172.16.56.3.26601 > 172.16.56.10.22: S [tcp sum ok] 4239897270:4239897270(0) win 4128 <mss 1460> [tos 0xc0] (ttl 255, id 37548)
2: 04:40:19.782674 XXXX.XXXX.XXXX 0x0800 Length: 58
172.16.56.10.22 > 172.16.56.3.26601: S [tcp sum ok] 795742650:795742650(0) ack 4239897271 win 29200 <mss 1460> (DF) (ttl 64, id 0)
3: 04:40:19.783162 6XXXX.XXXX.XXXX 0x0800 Length: 54
172.16.56.3.26601 > 172.16.56.10.22: . [tcp sum ok] 4239897271:4239897271(0) ack 795742651 win 4128 [tos 0xc0] (ttl 255, id 37549)
4: 04:40:19.849031 XXXX.XXXX.XXXX 0x0800 Length: 85
172.16.56.10.22 > 172.16.56.3.26601: P [tcp sum ok] 795742651:795742682(31) ack 4239897271 win 29200 (DF) (ttl 64, id 58499)

Marvin Rhoads
Hall of Fame

Is the ISR able to ssh to any other device?

Yes, that router can ssh to other devices.
