The new OpenSSH 9.0 has moved from using the legacy protocol to using the SFTP protocol by default. This change is critical for protecting against future attacks on quantum computers.
OpenSSH, known as Open Secure Shell, is a set of computer programs that facilitate encryption using a protocol called secure shell (SSH).
Secure Shell uses public-key encryption methods to authenticate network traffic.
“We are making this change now (i.e. ahead of cryptographically-relevant quantum computers, to prevent ‘capture now, decrypt later’ attacks where an adversary who can record and store SSH session ciphertext would be able to decrypt it once a sufficiently advanced quantum computer is available,” the release note explained.
Organizations and security agencies are now stepping up security, which may help prevent future attacks on quantum computers. According to security analysts, traditional cryptography will not be enough to counter the attacks.