Abathuthukisi bephrojekthi ye-OpenSSH bethule uhlelo lokuqeda ukusekelwa kokhiye ngokusekelwe ku-algorithm ye-DSA. Ngamazinga esimanjemanje, okhiye be-DSA abanikezi ileveli efanele yokuphepha, njengoba basebenzisa usayizi wokhiye oyimfihlo wamabhithi angu-160 kuphela kanye ne-SHA1 hashi, ngokuya ngeleveli yokuphepha ehambisana cishe nokhiye we-symmetric ongu-80-bit.
Ngokuzenzakalelayo, ukusetshenziswa kokhiye be-DSA kwanqanyulwa ngo-2015, kodwa ukusekelwa kwe-DSA kushiywa njengenketho, njengoba le-algorithm iyona kuphela edingekayo ukuze kusetshenziswe kuphrothokholi ye-SSHv2. Le mfuneko yengeziwe ngoba ngesikhathi sokudalwa nokugunyazwa kwephrothokholi ye-SSHv2, wonke ama-algorithms ahlukile ayengaphansi kwamalungelo obunikazi. Kusukela ngaleso sikhathi, isimo sishintshile, amalungelo obunikazi ahlobene ne-RSA aphelelwe yisikhathi, i-algorithm ye-ECDSA yengezwe, ephakeme kakhulu kune-DSA ekusebenzeni nasekuvikelekeni, kanye ne-EdDSA, ephephile futhi esheshayo kune-ECDSA. Okuwukuphela kwesici ekuqhubekeni kosekelo lwe-DSA kwakuwukugcina ukusebenzisana namadivayisi ayigugu.
Ngemva kokuhlola isimo kumaqiniso amanje, abathuthukisi be-OpenSSH bafinyelele esiphethweni sokuthi izindleko zokuqhubeka nokugcina i-algorithm ye-DSA engavikelekile azilungile futhi ukususwa kwayo kuzokhuthaza ukumiswa kokusekelwa kwe-DSA kokunye ukuqaliswa kwe-SSH nemitapo yolwazi yokubhala. Ukukhishwa kuka-Ephreli kwe-OpenSSH kuhlela ukugcina ukwakhiwa kwe-DSA, kodwa kunikeze amandla okukhubaza i-DSA ngesikhathi sokuhlanganisa. Ekukhishweni kukaJuni kwe-OpenSSH, i-DSA izokhutshazwa ngokuzenzakalela uma yakha, futhi ukusetshenziswa kwe-DSA kuzosuswa ku-codebase ekuqaleni kuka-2025.
Abasebenzisi abadinga ukwesekwa kwe-DSA yohlangothi lweklayenti bazokwazi ukusebenzisa ezinye izinhlobo zezinhlobo ezindala ze-OpenSSH, njengephakeji elihlinzekwe nge-Debian elithi "openssh-client-ssh1", elakhelwe phezu kwe-OpenSSH 7.5 futhi elakhelwe ukuxhuma kumaseva e-SSH kusetshenziswa. umthetho olandelwayo we-SSHv1, owanqanyulwa ku-OpenSSH 7.6 eminyakeni eyisithupha edlule.
Source: opennet.ru