On 2025/08/12 09:42, Damien Miller wrote: > We have backported the new name to past OpenSSH versions to make it > as easy as possible for downstream maintainers, especially though who > maintain LTS OS distributions to include it in their releases. > > Supporting both names will maximise the universe of software that will > automatically use a post-quantum safe key agreement scheme. We believe > this is an important step to reduce the risk of "store now, decrypt > later" attacks. > > If you are a maintainer for OpenSSH in a LTS operating system, please > consider including this change, cherrypicked from the relevant branch > for the OpenSSH release you ship (e.g. from the V_9_0 branch for > OpenSSH 9.0). Please let me know if there is anything I can do to > assist. Passing on a message from chatting with someone about this change - apparently there are older Fedora/RHEL boxes which do have openssh 9.x but don't have mlkem768x25519-sha256 enabled in default crypto-policies. Not sure if that would be in scope for a change at this point but maybe worth relevant maintainer/s considering if possible. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
