Disabling Dropbear ssh-rsa support?

Sun Jul 6 21:43:28 PDT 2025

SHA1 is susceptible to preimaging attacks.  We shouldn’t be using RSA keys shorter than 2048 bits, nor SHA1.

People have had 7 years now to move away from SHA1.  If they haven’t by now, this would be a good wakeup call.

> On Jul 4, 2025, at 12:28 PM, Michael Richardson <mcr at sandelman.ca> wrote:
> 
> 
> I see no cryptographic reason to disable ssh-rsa today.
> (It's not broken, it has no key limits or randomless issues like DSS did)
> There is no CRQC today.
> 
> I'm unclear if that just refers to turning it off in the default
> configuration, or compiling it out.
> 