|
Management SSH Server—Host Key Algorithms
|
Starting in PAN-OS 12.1.8, the management SSH server exclusively
advertises rsa-sha2-512 for RSA host key
authentication in FIPS-CC mode. The previously advertised
ssh-rsa and rsa-sha2-256
algorithms are no longer permitted.
This change is required by the collaborative Protection Profile for
Network Devices Version 4.0 (NDcPPv4.0e), published December 22,
2025.
Impact: SSH clients older than OpenSSH 7.2 or SecureCRT 9.0
will fail to connect to firewalls running PAN-OS 12.1.8 or later in
FIPS-CC mode using default RSA host keys.
Workaround: If a legacy client must connect, configure the
default SSH host key for management SSH to an ECDSA key type and
commit the configuration. ECDSA-based host key authentication is
unaffected by this change.
|