Future deprecation of ssh-rsa

Damien Miller djm at mindrot.org
Fri Oct 23 10:44:21 AEDT 2020


On Thu, 22 Oct 2020, Jochen Bern wrote:

> On 22.10.20 00:37, Damien Miller wrote:
> > The ability to gracefully rotate persistent keys is a fundamental
> > capability in a cryptosystem. Being able to migrate to better algorithms
> > over time without breaking continuity of trust is a related capability.
> > Both these are IMO serious omissions from the SSH standards.
> > 
> > Not having these capabilities meant that servers used DSA longer than
> > they should have, used RSA/1024 when they should have moved to longer
> > key lengths and could not adopt better signature algorithms like Ed25519
> > when they became available.
> 
> No contest there, but do you mean to say that UpdateHostKeys actually
> enforces new algos and keys to be "better" than the currently-used one?
> Per what, and whose (client/server), definition?

Per the HostkeyAlgorithms list in the client.

Think of it like this: UpdateHostkeys allows a server to inform the
client of its set of keys. HostkeyAlgorithms (on the client) decides
which the client actually uses.

-d

