내용으로 건너뛰기
AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post
re:Post 소개

When will openssh server in Amazon linux 2023 support Post Quantum Ciphers

0

OSX 26.3 released around Feb 11, 2026 now have openssh 10 which now by default shows a client side warning message when it tries to connect to an ssh server that does not support the newer quantum safe ciphers.

** WARNING: connection is not using a post-quantum key exchange algorithm.
** This session may be vulnerable to "store now, decrypt later" attacks.
** The server may need to be upgraded. See https://openssh.com/pq.html

The latest Amazon linux 2023 build "PRETTY_NAME="Amazon Linux 2023.10.20260302" ships with OpenSSH_8.7p1 which is lacking these ciphers.
**What is the plan from Amazon to upgrade the openssh server package within their distribution to support newer ciphers. ** Currently we have managed to suppress the warning msg by asking end users to add this to their $HOME/.ssh./config file

# Needed as OSX 26.3 now shows warning of Post Quatum Cipher not being supported on server
# This will just remove the warning, it will still attempt to use the strongest cipher, so when server is upgrades, you will get the benefit
Host *
        WarnWeakCrypto no-pq-kex
주제
컴퓨팅
태그
암호화Amazon EC2아마존 리눅스
언어
English
질문됨 3달 전239회 조회
3개 답변
5
수락된 답변

Hi, I'm also a macOS user and have seen this since the recent update to macOS 26.3 (which bundled OpenSSH 10.0). This version now actively warns users about 'Store Now, Decrypt Later' (SNDL) risks.

While I personally recommend using AWS Systems Manager (SSM) Session Manager to access EC2 instances (as it's the AWS-recommended, more secure way that doesn't require opening port 22 or managing SSH keys), here is the technical background for your OpenSSH question:

The warning message observed in macOS 26.3 is a result of OpenSSH 10.0+ enforcing visibility on "Store Now, Decrypt Later" (SNDL) risks.

Technical:

  • AL2023 Status: Currently ships with OpenSSH 8.7p1. Post-Quantum Key Exchange (specifically sntrup761) was introduced in OpenSSH 9.0.
  • The Gap: Because AL2023 focuses on predictable stability, it does not automatically track the latest upstream "bleeding edge" versions.

Path Forward:

  • Official Request: As of now, AWS hasn't published a specific date for the OpenSSH 9.x/10.x transition in the AL2023 repositories. I recommend monitoring the AL2023 Release Notes -> https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes.html
  • Mitigation: Your current workaround (WarnWeakCrypto no-pq-kex) is the correct operational approach to maintain UX without compromising existing security.

Security Context:

  • The warning is proactive. Current AES-256/ECDSA encryption is still secure against all existing classical computers. The PQC update is a 'future-proofing' measure.

Perhaps it would be also a way when you report it via https://github.com/amazonlinux/amazon-linux-2023/issues

Regarding access your EC2 via SSM, see: https://repost.aws/knowledge-center/install-ssm-agent-ec2-linux

PS: I'm not an AWS employee, just a fellow Mac/Amazon Linux user. Hope this helps!

전문가
답변함 3달 전
2

Hello,

As you have mentioned, currently Amazon Linux 2023 (AL2023) ships with OpenSSH 8.7 which does not natively support PQC (Post-Quantum Cryptography) key exchange. This predates the post-quantum key exchange algorithms introduced in OpenSSH 9.0+ (and further enhanced in OpenSSH 10.0).

Post-Quantum Cryptography Migration Plan

AWS has published a comprehensive Post-Quantum Cryptography Migration Plan that outlines a multi-layered approach across four workstreams [1] :

--> Workstream 1: Inventory of existing systems, identification and development of new standards, testing, and migration planning.

--> Workstream 2: Integration of PQC algorithms on public AWS endpoints to provide long-lived confidentiality of customer data transmitted to AWS.

--> Workstream 3: Integration of PQC signing algorithms into AWS cryptographic services to enable customers to deploy new post-quantum long-lived roots of trust to be used for functions such as software, firmware, and document signing.

--> Workstream 4: Integration of PQC signing algorithms into AWS services to enable the use of post-quantum signatures for session-based authentication such as server and client certificate validation.

Regarding OpenSSH Updates:

While AWS is actively working on PQC integration across services, specific timelines for OpenSSH package upgrades in Amazon Linux 2023 are not available.

Unfortunately, it is unlikely to bump OpenSSH since they are subject to FIPS 140-3 validation. This version will most likely be in scope for the subsequent release of Amazon Linux.

Next Steps

You may perform the following actions :

--> Submit feedback through the Amazon Linux GitHub repository to ensure your use case is visible to the product team : https://github.com/amazonlinux/amazon-linux-2023/issues/

--> Monitor the Amazon Linux 2023 release notes for any potential OpenSSH package updates : https://docs.aws.amazon.com/linux/al2023/release-notes/relnotes.html

References

[1] PQC Migration plan : https://aws.amazon.com/blogs/security/aws-post-quantum-cryptography-migration-plan/

[2] https://github.com/amazonlinux/amazon-linux-2023/issues/894

AWS
답변함 3달 전
AWS
전문가
검토됨 3달 전
2

Note: The issue/report to update OpenSSH 9.x/10.x on Github is here: https://github.com/amazonlinux/amazon-linux-2023/issues/894 (👍for the issue are welcome).

답변함 3달 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

관련 콘텐츠