Future deprecation of ssh-rsa
Damien Miller
djm at mindrot.org
Wed Oct 21 13:08:56 AEDT 2020
On Wed, 21 Oct 2020, Alex Harrison wrote:
> Chris,
> Thanks for the response! Maybe I shouldn't have mentioned
> UpdateHostKeys in my post. I only mentioned it because it is
> referenced in a way that I read as a part of the strategy to deprecate
> ssh-rsa
Right, it is part of our strategy for addressing host keys as more SSH
server implementations support ECDSA and Ed25519 host keys than support
rsa-sha2-256/512. Gracefully migrating users to other algorithms is an
easy path to avoid RSA/SHA1 (and to generally use better crypto).
-d
More information about the openssh-unix-dev
mailing list