OpenSSH 10 relies on standards for quantum-safe key exchange
The DSA algorithm, which has been discontinued for years, is now disappearing completely from the secure remote shell, to be replaced by MLKEM768.
The OpenSSH mascot updates its own server to version 10 in the AI cartoon. On the right: The salt shaker for the password hashes.
(Image: AI / Generated with Bing Designer for heise security)
The tenth edition of the secure remote shell OpenSSH cuts out some old habits, adheres to post-quantum standards and separates the user login from the rest of the server. The decade-long process of throwing out the long-outdated DSA signature algorithm is now complete, which only very few users are likely to notice. This is because DSA has been deactivated in the default configuration of the SSH server since 2015, and since last year support has also had to be activated when compiling the source code. Now the last remnants are disappearing from the OpenSSH code.
Key exchange using “classic” Diffie-Hellman is also disappearing from the SSH server, as it offers no performance advantages over key exchange using elliptic curves or quantum-safe algorithms.
New post-quantum key exchange
The standard algorithm for key exchange is also changing. The developers chose MLKEM-768 as the new quantum-safe method of choice. The previous version had already used a presumably quantum-safe algorithm in the standard configuration for key exchange, namely a hybrid of NTRU Prime and X25519. The development team is now replacing this, as MLKEM is not only faster, but is also now standardized by NIST.
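For admins who want to check where their own installation stands with respect to the changes described above (DSA gone, classic Diffie-Hellman gone, ML-KEM-768 as the default key exchange), the following script is an added example; it is not code from the article or from the OpenSSH project. It parses the algorithm lists that `ssh -Q kex` and `ssh -Q key` print, classifies each key exchange method, flags `ssh-dss`, and builds a `KexAlgorithms` value that prefers the post-quantum hybrids. The identifiers `mlkem768x25519-sha256` and `sntrup761x25519-sha512` are OpenSSH's names for the ML-KEM-768+X25519 and NTRU Prime+X25519 hybrids and are an assumption on my part, not something the article names; the sample outputs are constructed for offline use.

```python
import subprocess

# Constructed sample of what `ssh -Q kex` prints on a recent OpenSSH client.
# The method names follow OpenSSH's naming (assumption, not from the article).
SAMPLE_KEX_OUTPUT = """\
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
curve25519-sha256
curve25519-sha256@libssh.org
sntrup761x25519-sha512
sntrup761x25519-sha512@openssh.com
mlkem768x25519-sha256
"""

# Constructed sample of `ssh -Q key`; an OpenSSH 10 build should no longer list ssh-dss.
SAMPLE_KEY_OUTPUT = """\
ssh-ed25519
ssh-ed25519-cert-v01@openssh.com
ecdsa-sha2-nistp256
rsa-sha2-256
rsa-sha2-512
ssh-rsa
ssh-dss
"""

# Lower rank = preferred. Classic DH and unknown methods get no rank and are dropped.
_RANK = {"ML-KEM hybrid": 0, "NTRU Prime hybrid": 1, "ECDH": 2}


def parse_list(output):
    """Turn `ssh -Q` output into a list of non-empty, stripped algorithm names."""
    return [line.strip() for line in output.splitlines() if line.strip()]


def classify_kex(name):
    """Classify one key exchange method by its family."""
    base = name.split("@", 1)[0]          # ignore vendor suffix such as @openssh.com
    if base.startswith("mlkem"):
        return "ML-KEM hybrid"
    if base.startswith("sntrup"):
        return "NTRU Prime hybrid"
    if base.startswith("diffie-hellman-"):
        return "classic DH"
    if base.startswith("ecdh-") or base.startswith("curve25519-"):
        return "ECDH"
    return "unknown"


def audit_kex(output):
    """Map every offered key exchange method to its family."""
    return {name: classify_kex(name) for name in parse_list(output)}


def recommended_kex(output):
    """Build a KexAlgorithms value: ML-KEM hybrids first, then NTRU Prime, then ECDH.

    Classic DH groups are omitted entirely, matching OpenSSH 10's removal of them.
    Sorting is stable, so the binary's own ordering is kept within each family.
    """
    ranked = [(_RANK[fam], name) for name, fam in audit_kex(output).items() if fam in _RANK]
    ranked.sort(key=lambda item: item[0])
    return ",".join(name for _, name in ranked)


def dsa_offered(key_output):
    """True if the binary still advertises DSA host/user key types (ssh-dss)."""
    return any(name.split("@", 1)[0].startswith("ssh-dss") for name in parse_list(key_output))


def query_ssh(what):
    """Run `ssh -Q <what>` on this host; returns None when ssh is not available."""
    try:
        result = subprocess.run(["ssh", "-Q", what], capture_output=True, text=True, check=True)
    except (OSError, subprocess.CalledProcessError):
        return None
    return result.stdout


if __name__ == "__main__":
    kex = query_ssh("kex") or SAMPLE_KEX_OUTPUT
    keys = query_ssh("key") or SAMPLE_KEY_OUTPUT
    for name, family in audit_kex(kex).items():
        print(f"{name:40s} {family}")
    print("DSA still offered:", dsa_offered(keys))
    print("Suggested KexAlgorithms:", recommended_kex(kex))
```

Note that `ssh -Q` lists what the binary supports, not what a given configuration actually negotiates; `ssh -G <host>` prints the effective client configuration for a host, including the `kexalgorithms` line, and is the place to confirm that the post-quantum hybrid really comes first.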
Attacks against the login process on the SSH server have always been the top class of security vulnerabilities, such as the Terrapin attack and the RegreSSHion vulnerability from 2024. To mitigate the effects of such attacks, OpenSSH 10 moves the authentication process into a separate program called ssh-auth. Its memory is isolated from that of the rest of the server, so that even a successful pre-authentication exploit is expected to have a smaller impact.
Dozens of other bug fixes, smaller new features and a security fix for the DisableForwarding configuration directive round off the OpenSSH 10 release. Knowledgeable admins can compile the server and client from the source code; packages for Linux distributions are not yet available.
(cku)