On Wed, 21 Oct 2020, Alex Harrison wrote: > For the last few releases, there has been a notice that ssh-rsa will > be deprecated in a near-future release. Is there a target release > for this deprecation to take effect? I saw in the 8.4 release notes > that UpdateHostKeys is going to be default enabled in the next release > to prepare for this. Is it likely that 8.6 will deprecate ssh-rsa > after a release cycle of UpdateHostKeys being default or are we likely > talking further in the future than that? > > I apologize if this has been asked before and I've missed it. I've > tried reading threads that looked relevant and did not see the answer. No, we haven't set a target date yet. It really depends on how well turning on UpdateHostKeys goes, how quickly a release with UpdateHostKeys ends up on common OS distributions and a couple of other things. What we'll probably do is start by turning off ssh-rsa in git HEAD at after the next release, and leave it off until close to the next release. This will give people who use OpenSSH HEAD (e.g. the users of OpenBSD -current) some experience with the practical impact of the change while we're giving time for UpdateHostKeys to reach a wider population and do its thing. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
