The developers of two open source code libraries for Secure Shell, which is the protocol used by millions of computers to create encrypted connections, have decided to no longer support the Secure Hash Algorithm 1 (SHA-1) due to growing security concerns.
“It is now possible to perform chosen-prefix attacks against the SHA-1 algorithm for less than USD$50K. For this reason, we will be disabling the “ssh-rsa” public key signature algorithm by default in a near-future release. This algorithm is unfortunately still used widely despite the existence of better alternatives, being the only remaining public key signature algorithm specified by the original SSH RFCs.”
SHA-1 is a cryptographic hash function that was first developed in 1995. It is used for producing hash “digests” which are each 40 hexadecimal characters long and these digests are meant to be distinct for every message, file and function that uses them.
A collision is a cryptographic term used to describe when two or more inputs generate the same outputted digest and researchers began warning that SHA-1 was becoming increasingly vulnerable to collisions almost a decade ago.
In 2017, SHA-1 fell victim to a collision attack that cost $110,000 to produce which lead to a number of browsers, browser-trusted certificate authorities and software update systems to abandon the algorithm though some services and software continued using it despite the risk.
While OpenSSH and Libssh will no longer support SHA-1, the encryption algorithm is still supported in recent versions of OpenSSL.