Abaphuhlisi beprojekthi ye-OpenSSH baye babonisa isicwangciso sokuphelisa inkxaso yezitshixo ezisekelwe kwi-algorithm ye-DSA. Ngokwemigangatho yangoku, izitshixo ze-DSA aziboneleli ngenqanaba elifanelekileyo lokhuseleko, kuba zisebenzisa ubungakanani besitshixo sabucala samasuntswana angama-160 kuphela kunye ne-SHA1 hash, leyo ngokwenqanaba lokhuseleko ihambelana malunga nesitshixo se-symmetric ye-80-bit.
Ngokungagqibekanga, ukusetyenziswa kwezitshixo ze-DSA zayekwa ngo-2015, kodwa inkxaso ye-DSA ishiywe njengendlela yokukhetha, ekubeni le algorithm iyona kuphela efunekayo ekuphunyezweni kwiprotocol ye-SSHv2. Le mfuno yongezwa kuba ngexesha iprotocol ye-SSHv2 yayiyilwa kwaye yamkelwa, zonke iindlela ezizezinye zazixhomekeke kumalungelo awodwa omenzi wechiza. Ukususela ngoko, imeko ishintshile, amalungelo obunikazi ahambelana ne-RSA aphelile, i-algorithm ye-ECDSA yongezwa, eyona nto iphezulu kakhulu kwi-DSA ekusebenzeni nasekukhuseleni, kunye ne-EdDSA, ekhuselekileyo kwaye ikhawuleza kune-ECDSA. Ekuphela kwento ekuqhubekekeni kwenkxaso ye-DSA kukugcina ukuhambelana nezixhobo zelifa.
Emva kokuvavanya imeko kwizinto zangoku, abaphuhlisi be-OpenSSH bafikelela kwisigqibo sokuba iindleko zokuqhubeka nokugcina i-algorithm ye-DSA engakhuselekanga ayifanelekanga kwaye ukususwa kwayo kuya kukhuthaza ukupheliswa kwenkxaso ye-DSA kwezinye iinkqubo ze-SSH kunye neelayibrari ze-cryptographic. Ukukhutshwa kuka-Epreli kwe-OpenSSH iceba ukugcina ukwakhiwa kwe-DSA, kodwa ukubonelela ngokukwazi ukukhubaza i-DSA ngexesha lokuqokelela. NgoJuni ukukhutshwa kwe-OpenSSH, i-DSA iya kukhutshazwa ngokungagqibekanga xa isakha, kwaye ukuphunyezwa kwe-DSA kuya kususwa kwi-codebase ekuqaleni kwe-2025.
Abasebenzisi abafuna inkxaso ye-DSA yecala lomxhasi baya kuba nakho ukusebenzisa ezinye iindlela zokwakha zeenguqulelo ezindala ze-OpenSSH, ezinje nge-Debian-supplied package "openssh-client-ssh1", eyakhelwe phezu kwe-OpenSSH 7.5 kwaye yenzelwe ukuqhagamshela kwiiseva ze-SSH kusetyenziswa Iprothokholi ye-SSHv1, eyayekwa ukusetyenziswa kwi-OpenSSH 7.6 kwiminyaka emithandathu eyadlulayo.
umthombo: opennet.ru