An extremely interesting research paper published in 2023 by Keegan Ryan, Kaiwen He, George A. Sullivan, and Nadia Heninger, mathematically proves yet another weakness with RSA keys - often used as host keys by/for SSH/SFTP servers - and this time it has to do with the way they are generated.

Without delving into the math itself, which is not the purpose of this blog, we would like to take this occasion to advise our customers to use stronger keys, like ECDSA or Ed25519, instead of RSA for their host keys.

Now, Syncplify Server! does indeed test RSA keys for this kind of weakness, and potentially vulnerable keys are not imported nor accepted upon generation. Yet, time and time again RSA has proven to be on its way to becoming the weak link among host key algorithms, and it's only a matter of time until more weaknesses are discovered.

Although changing your SSH/SFTP server's host key is no easy feat (it requires you to warn your users and make sure they all discard the old key and accept the new one) it still is the recommended way to go at times. This is one such time.

Starting from the next release, Syncplify Server! will only generate 2 keys (ECDSA and Ed25519) upon installation, and will allow you to generate or import an RSA key at a later time, if you so wish. This is yet another way for Syncplify to stay ahead of the curve, and prevent the occurrence of foreseeable issues before they happen.

Always stay safe, and take care!