On Wed, 21 Oct 2020, Alex Harrison wrote: > Chris, > Thanks for the response! Maybe I shouldn't have mentioned > UpdateHostKeys in my post. I only mentioned it because it is > referenced in a way that I read as a part of the strategy to deprecate > ssh-rsa Right, it is part of our strategy for addressing host keys as more SSH server implementations support ECDSA and Ed25519 host keys than support rsa-sha2-256/512. Gracefully migrating users to other algorithms is an easy path to avoid RSA/SHA1 (and to generally use better crypto). -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
