Developers to Remove DSA Algorithm from OpenSSH
The developers of the Openssh presented a proposal to abandon the use of the DSA algorithm for key management. This decision was made due to the inadequate level of protection provided by DSA keys, which have a closed key size of only 160 bits and use the less secure Sha1 hash algorithm.
While the use of DSA keys was discontinued in 2015, support for the algorithm was retained as an option due to its mandatory implementation in the SSHV2 protocol. This requirement arose during the creation and approval of the SSHV2 protocol, when all alternative algorithms were covered by patents. However, the situation has since changed and patents associated with RSA have expired. Furthermore, the ECDSA algorithm, which offers better performance and security, has been introduced along with EDDSA, a safer and faster alternative to ECDSA. The only reason for continuing DSA support was to ensure compatibility with outdated devices.
After evaluating the current landscape, OpenSSH developers concluded that the costs of maintaining the insecure DSA algorithm outweigh the benefits. Consequently, they plan to remove DSA support in upcoming releases, starting with the ability to disable it during compilation in the April release. In the June release, DSA will be disabled by default, and by early 2025, the implementation of DSA will be completely removed from the code base.
For users who still require DSA support on the client side, alternative versions of older OpenSSH releases will be available. For example, the OpenSSH-CLIENT-SSH1 package, based on OpenSSH 7.5, allows connections to SSH servers using the SSHV1 protocol, which was discontinued six years ago in OpenSSH 7.6.