An extremely interesting research paper published in 2023 by Keegan Ryan, Kaiwen He, George A. Sullivan, and Nadia Heninger, mathematically proves yet another weakness with RSA keys – often used as host keys by/for SSH/SFTP servers – and this time it has to do with the way they are generated.
Without delving into the math itself, which is not the purpose of this blog, we would like to take this occasion to advise our customers to use stronger keys, like ECDSA or Ed25519, instead of RSA for their host keys.
Read More