Roadmap for post-quantum ssh client

[nisbet-hubbard]

Checklist

• Using latest version on the App Store
• Read the docs
• Searched for existing GitHub issues

Configuration

Not relevant to the issue

Describe the bug

OpenSSH has used sntrup761x25519-sha512@openssh.com by default since 9.0 (2022) to prevent capture-now decrypt-later attacks.

Are there plans for implementing this in Blink’s ssh client independent of libssh?

[carloscabanero]

We usually rely on libssh for this. They have a great track record of implementing cryptography and rarely lag behind. In cases where we deemed necessary we have done our own implementations (ie, we use OpenSSH for key handling as there were compatibility issues with libssh). So my question is, why should we do this "independent" of libssh?

[nisbet-hubbard]

The PR on this at libssh is currently stuck due to lack of time for debugging: https://gitlab.com/libssh/libssh-mirror/-/merge_requests/400. Would there be any chance for using OpenSSH for their post-quantum work?