Mycroft2 and ssh-rsa?

Hi Mycroft, I’m a prospective user interested in talking/listening posts designed by knowledgeable experts with reputable backing.

Your installation instructions [1] say that the encryption protocol for SSH is “ssh-rsa”; however, this seems to go against the “future deprecation notice” from the latest release of OpenSSH [2]. Is your system set up to work with other key types?

Assuming an adversary has read access to the public key and a big-enough budget to compute collisions, is there currently a threat of unexpected third-party access?

I would be interested to read a full-stack security analysis complete with proofs that the Mycroft2 communication protocol cannot be used for intrusion. Does such a document exist?



[1] Mark II - Mycroft AI

1 Like

Document #1 was posted before #2 was published, so may not have had an update yet to account for the recent ssh issue.