• aard@kyu.de
    link
    fedilink
    arrow-up
    1
    ·
    10 months ago

    That’s doable for the server - but an OpenSSH client without RSA support will be useless for the next one or two decades, assuming the various appliance and cloud vendors react faster than they usually do.

    • Hirom@beehaw.org
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      10 months ago

      Different timelines could be set for client and server, for instance by disabling RSA by default for server software first, and 2 years later for client software.

      As the article explain, optional doesn’t mean it’s gone. Distributions can and already distribute a separate version for OpenSSH with old algorithms (eg for sshv1) for people forced to work with old servers. Even if distributions do not, anyone can also build OpenSSH themselves with whatever option they want.