Got Linux ?

Blah blah blah... Mostly technical thoughts, rants and gibberish

ssh-rsa SSH keys (type) are NOT deprecated!


Recently, the Internet has been shouting all around the place (and further) that ssh-rsa SSH keys are deprecated and must not be used anylonger.

And I’ve been tearing my hair off explaining to lost souls they are not, that RSA key pairs are atill perfectly safe and usable (provided you’re not using a 20-year old key with a 512-bit length).

The important thing to note about RSA key pairs and (Open)SSH is that the ssh-rsa (and rsa-sha2-*) identifiers cover two entirely different (almost orthogonal) aspects:

As standardized in the (original) RFC4253 and updated in the (SHA2-related) RFC8332.

Now, much misunderstandings seem to have spawned from OpenSSH deprecating the use of the SHA1 (ssh-rsa) signature algorithm - as of OpenSSH 8.2 - used during the SSH handshake (and not part of the RSA key pair itself), with many people jumping to the RSA (ssh-rsa) key type being deprecated and EVIL.

This was further amplified by people relying on tooling and SSH clients which - as of (late) 2021 - were still not able to use SHA2 signature algorithm - despite its introduction in 2018 (RFC8332) - and attempting to connect to modern SSH servers that enforced SHA2-only handshakes (along ssh-rsa key type).

The most notorious example being Go(Lang) native SSH client/server (library), which SHA2 support was added in November 2021 (…) and upon which many cloud native tools rely (e.g. HashiCorp Packer, Terraform, etc.).

So, to cut it short: