ProHoster > Blog > internet news > OpenSSH 9.9 Released with ML-KEM Post-Quantum Encryption Algorithm Support

OpenSSH 9.9 Released with ML-KEM Post-Quantum Encryption Algorithm Support

OpenSSH 9.9, an open source implementation of a client and server for working with the SSH 2.0 and SFTP protocols, has been released. Key changes:

  • ssh and sshd now support the quantum-resistant hybrid key exchange algorithm "mlkem768x25519-sha256", which is a combination of X25519 ECDH and the ML-KEM (CRYSTALS-Kyber) algorithm recently standardized by the US National Institute of Standards and Technology (NIST). ML-KEM uses lattice-theoretic cryptography that can be solved in the same amount of time on conventional and quantum computers.
  • The sshd_config configuration file has a new keyword, "RefuseConnection", which when set will cause sshd to terminate connections after the first authentication attempt. The PerSourcePenalties directive has a new class, "refuseconnection", which is used when terminating a connection after "RefuseConnection" is triggered.
  • The SSH client no longer supports pre-authentication data compression, which significantly increases the attack surface of SSH servers and creates the risk of using indirect methods of analyzing information sent during the authentication process. server sshd pre-authentication compression was previously disabled.
  • In ssh and sshd, when parsing the arguments of the "Match" directive, shell-like rules for handling quoted strings are used, supporting nested framing and escaping with the "\" character.
  • In the ssh_config configuration file, the "Include" directive provides support for environment variables and "%" substitutions, just like in the "Match Exec" directive.
  • In sshd_config, the Match directive has been updated to include the "invalid-user" option, which is triggered when attempting to log in with an invalid username.
  • A faster implementation of the "Streamlined NTRUPrime" algorithm has been implemented in ssh and sshd. The Streamlined NTRUPrime/X25519 hybrid key exchange algorithm now supports the name "sntrup761x25519-sha512" in addition to the SSH-specific name "sntrup761x25519-sha512@openssh.com".
  • Added functionality to ssh, sshd and ssh-agent that works in OpenBSD, Linux and FreeBSD protection against private keys being leaked into core files.
  • Key handling has been switched to using the EVP_PKEY API provided by the libcrypto library.
  • sshd has a random change in the connection timeout (LoginGraceTime) within 4 seconds to make it more difficult to detect when the timeout has expired.
  • Problems with building with the Musl library have been resolved.

Source: opennet.ru

Buy reliable hosting for sites with DDoS protection, VPS VDS servers 🔥 Buy reliable website hosting with DDoS protection, VPS VDS servers | ProHoster