Warning from OpenSSH Client when connecting to Dropbear SSH Server in OpenWrt: connection is not using a post-quantum key exchange algorithm

SSH Server :

dropbear - 2024.86-r1 (opkg pkg)
OpenWrt 24.10.3, r28872-daca7c049b

SSH Client :

OpenSSH_10.2p1, OpenSSL 3.6.0
Arch Linux x86_64

I am currently using ed25519 keys.

Warning Message:

** WARNING: connection is not using a post-quantum key exchange algorithm.
** This session may be vulnerable to "store now, decrypt later" attacks.
** The server may need to be upgraded. See https://openssh.com/pq.html

I connect to some remote OpenWrt devices over their WAN (non standard ports).
Should I be worried ?

did you see ^ ?

1 Like

I am not. Quantum computers are not here yet; besides, why would anyone store my traffic for future analysis?
If I were an enemy of the state, that might change, and I would use something like https://datatracker.ietf.org/doc/draft-ietf-sshm-mlkem-hybrid-kex/ :slight_smile:

But Dropbear does not support that yet, so you need to install the full SSH server if you are worried and want to use such a key.

2 Likes

If you are not opening SSH to the internet you definitely can ignore that.

If you have SSH open to the internet, you probably can ignore the warning unless you think you are a high value target :slight_smile:

You can always follow the link and generate the new post-quantum keys.

3 Likes

IRL you still need RSA for what is called “network infrastructure”

I just had a quick look and it seems that the Main/Snapshot build has Dropbear 2025.88 with:
CONFIG_DROPBEAR_MLKEM768 CONFIG_DROPBEAR_SNTRUP761
So that should have post-quantum keys enabled.

2 Likes
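An added example, not part of any post above and not code from OpenSSH or Dropbear: the warning depends on which key exchange method the client and server negotiate, so this sketch parses the `kex_algorithms` name-list from a server's SSH KEXINIT payload (RFC 4253 layout), applies the simplified "first client preference the server also lists" rule, and reports whether the result is a post-quantum hybrid. The function names, the client preference list and both server payloads are constructed for illustration.

```python
import struct

SSH_MSG_KEXINIT = 20
# Post-quantum hybrid KEX names (ML-KEM and sntrup761 hybrids with X25519).
PQ_KEX = {"mlkem768x25519-sha256", "sntrup761x25519-sha512",
          "sntrup761x25519-sha512@openssh.com"}

def name_list(names):
    data = ",".join(names).encode("ascii")
    return struct.pack(">I", len(data)) + data

def build_kexinit(kex_names):
    """Build a constructed KEXINIT payload; only kex_algorithms is filled in."""
    body = bytes([SSH_MSG_KEXINIT]) + bytes(16)        # message type + cookie
    body += name_list(kex_names) + name_list([]) * 9   # other nine name-lists empty
    return body + b"\x00" + struct.pack(">I", 0)       # first_kex_packet_follows, reserved

def parse_kex_algorithms(payload):
    """Return the kex_algorithms name-list from a KEXINIT payload."""
    if len(payload) < 21 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    (length,) = struct.unpack_from(">I", payload, 17)  # skip type (1) + cookie (16)
    if 21 + length > len(payload):
        raise ValueError("truncated kex_algorithms name-list")
    raw = payload[21:21 + length].decode("ascii")
    return raw.split(",") if raw else []

def negotiate(client_prefs, server_offer):
    """Simplified RFC 4253 rule: first client algorithm the server also lists."""
    return next((k for k in client_prefs if k in server_offer), None)

def check(client_prefs, server_payload):
    """Return (negotiated KEX, True if it is a post-quantum hybrid)."""
    chosen = negotiate(client_prefs, parse_kex_algorithms(server_payload))
    return chosen, chosen in PQ_KEX

# Constructed sample data, not captured from real devices.
CLIENT = ["mlkem768x25519-sha256", "sntrup761x25519-sha512", "curve25519-sha256"]
OLD_SERVER = build_kexinit(["curve25519-sha256", "diffie-hellman-group14-sha256"])
NEW_SERVER = build_kexinit(["mlkem768x25519-sha256", "sntrup761x25519-sha512",
                            "curve25519-sha256"])

if __name__ == "__main__":
    for label, payload in (("old", OLD_SERVER), ("new", NEW_SERVER)):
        chosen, pq = check(CLIENT, payload)
        print(f"{label}: negotiated {chosen}, post-quantum={pq}")
```

Against a real device, the server's offered list appears in the debug output of `ssh -vv`, and `ssh -Q kex` lists what the local client supports.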