Future deprecation of ssh-rsa
Chris Danis
cdanis at wikimedia.org
Wed Oct 21 11:21:19 AEDT 2020
Alex,
Because you ask about UpdateHostKeys I think there might be a common
misunderstanding behind your post. Apologies if I assumed wrongly!
RSA keys are not going away, and will continue to be supported.
'ssh-rsa' is the prefix used for the public keys as stored on disk,
but that on-disk key format is not what's being deprecated.
While this isn't obvious to those who aren't well-versed in SSH wire
protocol internals, in the context of the deprecation, 'ssh-rsa'
refers only to the ephemeral, over-the-wire signature algorithm used
to validate the client's possession of the key.
As long as both the client and server support the newer signature
algorithms like 'rsa-sha2-256' or 'rsa-sha2-512', your RSA keys will
continue to work. (Also, the 'ssh-rsa' prefix is still used for the
key, even though the signature algorithm is now named differently.)
The necessary signature algorithm support was added in OpenSSH 7.2.
I hope this helps,
--
Chris Danis (he/him)
Staff Site Reliability Engineer
Wikimedia Foundation
More information about the openssh-unix-dev
mailing list