Ars Technica

In a first, cryptographic keys protecting SSH connections stolen in new attack

For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally ...
Bleeping Computer

Researchers extract RSA keys from SSH server signing errors

A team of academic researchers from universities in California and Massachusetts demonstrated that it’s possible under certain conditions for passive network attackers to retrieve secret RSA keys from ...
Ars Technica

Dangerous SHA-1 crypto function is about to die in SSH

Disabling the ssh-rsa type of key will be a big issue though for those using smartcards to authenticate. A big usecase of OpenPGP cards is authenticating over SSH, and not being able to do this ...