Hi, Back at the start of June the version of OpenSSH that we run on the Xen Shell hosts was updated in order to provide support for ecdsa-sk and ed25519-sk keys. These are used with "security key" devices which support FIDO/U2F and was done after customer request. At the same time this version of SSH disables the ssh-rsa signature scheme. Older ssh clients may fail to negotiate an SSH connection to the Xen Shell hosts (i.e. when you do "ssh username(a)username.console.bitfolk.com&quot;) due to this. If you see an error that reads something like this: Couldn't agree a key exchange algorithm (available curve25519-sha256,curve25519-sha256(a)libssh.org,ecdh-sha2-nistp256, ecdh-sha2-nistp384,ecdh-sha2-nistp512,diffie-hellman-group16-sha512, diffiehellman-group18-sha512,diffie-hellman-group14-sha256) then this is the problem. You do not need to change your authentication keys (if any) because that is not the problem. You need to upgrade your SSH client. The above message was from PuTTY 0.64; version 0.78 and above are known to work. ssh-rsa was deprecated since version 8.2 of the server in February 2020: https://www.openssh.com/txt/release-8.2 Future deprecation notice ========================= It is now possible[1] to perform chosen-prefix attacks against the SHA-1 hash algorithm for less than USD$50K. For this reason, we will be disabling the "ssh-rsa" public key signature algorithm that depends on SHA-1 by default in a near-future release. [1] "SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and Application to the PGP Web of Trust" Leurent, G and Peyrin, T (2020) https://eprint.iacr.org/2020/014.pdf It was then disabled from version 8.8 in September 2021: https://www.openssh.com/txt/release-8.8 Potentially-incompatible changes ================================ This release disables RSA signatures using the SHA-1 hash algorithm by default. This change has been made as the SHA-1 hash algorithm is cryptographically broken, and it is possible to create chosen-prefix hash collisions for <USD$50K. For most users, this change should be invisible and there is no need to replace ssh-rsa keys. OpenSSH has supported RFC8332 RSA/SHA-256/512 signatures since release 7.2 and existing ssh-rsa keys will automatically use the stronger algorithm where possible. If you are unsure whether this affects you, just verify that you can connect to your Xen Shell host. If you can't, and you can't find a way to upgrade your client (or doing so is ineffective), please let us know at support(a)bitfolk.com. Again, this not about rsa authentication keys. You do not need to abandon ssh-rsa public keys: https://ikarus.sg/rsa-is-not-dead/ Thanks, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting