The server-side SSH-1 protocol removal from RHEL 7.4

Updated -

The SSH-1 protocol was introduced in 1996 (implemented in 1995) and serious attack was discovered just two years later in 1998 1. More vulnerabilities were discovered in the following years which rendered the protocol insecure and lead to disabling by default both upstream in 2010 (See OpenSSH 5.4 Release Notes2) and in RHEL in 2007 when RHEL 5 released and inherited the change from Fedora 3. This protocol can be compared to the SSL 2.0 protocol, which was introduced around the same time and was abandoned long ago.

The SSH-2 protocol specification was published in 2006 (but implementation in OpenSSH dates back to 2001) and should be used instead. It has been available for more than fifteen years and should be used wherever possible.

The SSH-1 code was dropped from the upstream OpenSSH project in 2016 (see OpenSSH 7.4 Release Notes), is no longer maintained and the compatibility layer introduces significant complexity and potential attack surface. If parts of your infrastructure depend on this protocol you should consider updating to SSH-2 immediately.

The SSH-1 protocol was introduced in 1996 (implemented in 1995) and serious attack was discovered just two years later in 1998 1. More vulnerabilities were discovered in the following years which rendered the protocol insecure and lead to disabling by default both upstream in 2010 (See OpenSSH 5.4 Release Notes2) and in RHEL in 2007 when RHEL 5 released and inherited the change from Fedora 3. This protocol can be compared to the SSL 2.0 protocol, which was introduced around the same time and was abandoned long ago.

The SSH-2 protocol specification was published in 2006 (but implementation in OpenSSH dates back to 2001) and should be used instead. It has been available for more than fifteen years and should be used wherever possible.

The SSH-1 code was dropped from the upstream OpenSSH project in 2016 (see OpenSSH 7.4 Release Notes), is no longer maintained and the compatibility layer introduces significant complexity and potential attack surface. If parts of your infrastructure depend on this protocol you should consider updating to SSH-2 immediately.

Frequently Asked Questions (FAQ)

Does it affect SSH client?

No. The SSH-1 support in the client was preserved and you can still connect to old SSH-1 servers with RHEL7.4 clients. Note that you need to slightly change the default client configuration to allow SSH-1 protocol negotiation, preferably in the SSH configuration for specific legacy host only (this was also needed in previous minor versions of RHEL7):

    Host legacy.example.com
        Protocol 2,1

We have legacy clients sending data using the SSH-1 protocol to RHEL servers, will those clients still be able to connect?

Once you install the openssh package from RHEL 7.4, the server will no longer be able to negotiate using the SSH-1 protocol. Consideration should be given to update the client to the SSH-2 protocol.

The usage of the SSH-1 protocol on insecure networks is not recommended and if a network is well-secured, there are other means of transport (FTP, TFTP, stunnel, etc.).

Are there any possible workarounds?:

Use the RHEL 7.3 OpenSSH package for the time of the transition. The latest version of openssh from 7.3.z at the time of this writing is openssh-6.6.1p1-35.el7_3.

RHBA-2017:0915 - openssh bug fix update

Was this helpful?

We appreciate your feedback. Leave a comment if you would like to provide more detail.
It looks like we have some work to do. Leave a comment to let us know how we could improve.