The ssh-rsa deprecation, and OpenSSH 7.4

Damien Miller djm at mindrot.org
Sat May 30 10:44:43 AEST 2020


On Fri, 29 May 2020, Chris Danis wrote:

> Hello,
> 
> The release notes for 8.2 and 8.3 (essentially) state that an OpenSSH
> version of 7.2 or later is sufficient to avoid worrying about the
> ssh-rsa public key algorithm deprecation.
> 
> But I'm pretty sure that sshd in specifically OpenSSH 7.4 won't be
> fully compatible in a post-ssh-rsa-deprecation world, as it has a bug
> introduced by a cleanup patch[0] which causes it to not enumerate
> rsa-sha2-256 or rsa-sha2-512 in its server-sig-algs response in the
> extended KEX.  This was fixed in 7.5.

Good point, I'll clarify this in future release notes.

> Am I understanding everything correctly?  If so, maybe the release
> notes should be clarified with this wrinkle about version numbers.
> 
> I'm not sure if it would also make sense to release a 7.4p2 that
> includes the fix patch[1], but wanted to suggest it as an idea.
> 
> Additionally, while the release notes focus on a discussion of host
> keys, I think that some discussion of user RSA public keys might also
> be worthwhile to include.

Definitely, there will be more information when we get closer to
the actual deprecation. We're still one or two steps away ATM,
e.g. we still need to fix the corner cases in UpdateHostkeys and
enable it.

-d


More information about the openssh-unix-dev mailing list