testssl.sh 

TL;DR: OpenSSH has since version 9.0 PQC kx enabled. Use it!

You might want to check the key exchange algos for SSH, if you had hardened them on the client or server side like years back -- unless you want your ssh sessions be vulnerable to "store now, decrypt later" attacks .

Only newer #OpenSSH clients (>10.1) issue a warning if the kx is not #PQC safe.

https://www.openssh.org/pq.html

(ssh -v , look for "kex: algorithm ")

Apr 9 at 8:17amWeb
Show thread9x0rg2d ago

> If we're right about quantum computers being practical, then we will have protected vast quantities of user data. If we're wrong about it, then all we'll have done is moved to cryptographic algorithms with stronger mathematical underpinnings. -- OpenSSH

Thanks @testssl