OpenSSH – secure protocol to connect and manage remote servers – has announced dropping support for SHA-1 logins. The service has taken this decision considering the underlying insecurities in the scheme.
OpenSSH Drops SHA-1 Logins
In a recent notice, OpenSSH has announced deprecating SHA-1 logins considering its ease of breach. OpenSSH believes that better alternatives to SHA-1 are available that ensure better security.
OpenSSH facilitates users in managing remote servers with security. The utility lets the users connect to the server via private keys. One of these is stored with the users’ OpenSSH Client, whereas the other is with the corresponding server. OpenSSH uses algorithms (like SHA-1) to generate these keys for the users.
However, citing a recently published white paper, OpenSSH quoted that SHA-1 has become vulnerable to attacks. Hence, they have decided to disable the “SSH-RSA” mode in future releases.
As stated in their notice,
It is now possible to perform chosen-prefix attacks against the SHA-1 algorithm for less than USD$50K. For this reason, we will be disabling the “ssh-rsa” public key signature algorithm by default in a near-future release.
Hence, OpenSSH has suggested some better alternatives to SHA-1. These include:
- RFC8332 RSA SHA-2 signature algorithms rsa-sha2-256/512 that works on SHA-2 hash.
- ssh-ed25519 signature algorithm
- RFC5656 ECDSA algorithms: ecdsa-sha2-nistp256/384/521
OpenSSH already supports these algorithms for several previous releases. Even the RFC8332 RSA SHA-2 is also available since OpenSSH 7.2.
Thus, with future releases, OpenSSH will disable SHA-1 by default. Whereas, it will enable the users to switch to better algorithms automatically.
A future release of OpenSSH will enable UpdateHostKeys by default to allow the client to automatically migrate to better algorithms.
How To Check The Support Public Key Algorithm
For the future, OpenSSH allows the users to check if the server uses the ssh-rsa public key for host authentication.
Try to connect to it after removing the ssh-rsa algorithm from ssh(1)’s allowed list:
ssh -oHostKeyAlgorithms=-ssh-rsa user@host
In case the host verification fails, the server software needs and upgrade. After that, OpenSSH will generate new keys with better authentication algorithms.
This option is available to all the users as OpenSSH has released version 8.3. Users may simply upgrade to this version to jazz up the server security.
Previously, with version 8.2, OpenSSH also introduced support for FIDO/U2F keys. Hence, users may also use hardware keys for connecting to remote servers.