@mzpqnxow
Last active June 4, 2025 21:10
Enable post-quantum Key Exchange for OpenSSH

Enabling Post-Quantum Key Exchange on OpenSSH >= 8.0

As of version 8.0, OpenSSH supports an experimental post-quantum key exchange method, sntrup4591761x25519-sha512@tinyssh.org (a hybrid of Streamlined NTRU Prime and X25519).

Step 1: Check to see if you already have support

Only OpenSSH 8.0 and later support it. Some vendors may backport it to 7.9, though this is unlikely given the refactoring in 8.0.

Check OpenSSH Client

$ ssh -Q kex
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
curve25519-sha256
curve25519-sha256@libssh.org
sntrup4591761x25519-sha512@tinyssh.org <---- This is what you should be looking for

If sntrup4591761x25519-sha512@tinyssh.org is present in your kex list, your client already supports it and you won't need to upgrade.

Check OpenSSH Server

# /opt/openssh-8.1p1/sbin/sshd -T | grep kex
kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,sntrup4591761x25519-sha512@tinyssh.org

Once again, check for the presence of sntrup4591761x25519-sha512@tinyssh.org. If it is present, your server supports it.

Step 2: Specify the KEX in Config Files / Command-Line

$ ssh -oKexAlgorithms=sntrup4591761x25519-sha512@tinyssh.org -v user@host
...
debug1: kex: algorithm: sntrup4591761x25519-sha512@tinyssh.org
...

Rather than using the command-line, you can of course add this to your ~/.ssh/config file, or to the system-wide ssh client configuration file, usually /etc/ssh/ssh_config.

Host *
  KexAlgorithms=sntrup4591761x25519-sha512@tinyssh.org

If you only want to enable it for a single host, put it inside a separate Host block for that host to avoid making it global.
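The following shell helpers are an added example, not part of the gist: they automate the client and server checks from Step 1 and confirm, from the `ssh -v` debug output in Step 2, which algorithm was actually negotiated. Each helper reads the relevant OpenSSH output on stdin, so it can be exercised against constructed sample output without a live host; the `--live` mode, the function names and the sample data are assumptions.

```shell
#!/bin/sh
# Example helpers (not from the gist) for the client, server and negotiation
# checks. Each reads the relevant OpenSSH output from stdin, so they can be
# driven by the real commands or by constructed sample output.
PQ_KEX="sntrup4591761x25519-sha512@tinyssh.org"

# Client: feed `ssh -Q kex` (one algorithm per line). Exact, fixed-string match.
client_has_pq_kex() {
    grep -qxF "$PQ_KEX"
}

# Server: feed `sshd -T`. The kexalgorithms line is one comma-separated
# list, so split it rather than substring-matching the whole line.
server_has_pq_kex() {
    awk -v want="$PQ_KEX" '
        $1 == "kexalgorithms" {
            n = split($2, algs, ",")
            for (i = 1; i <= n; i++) if (algs[i] == want) found = 1
        }
        END { exit found ? 0 : 1 }'
}

# Negotiation: feed the stderr of `ssh -v`; prints the algorithm both sides
# agreed on (empty if the debug line never appeared).
negotiated_kex() {
    sed -n 's/^debug1: kex: algorithm: //p' | head -n 1
}

# Live run against the local OpenSSH (assumed usage: ./pqcheck.sh --live user@host).
if [ "${1:-}" = "--live" ]; then
    host="${2:?usage: $0 --live user@host}"
    ssh -Q kex | client_has_pq_kex \
        && echo "client: supports $PQ_KEX" \
        || echo "client: no $PQ_KEX (upgrade to OpenSSH >= 8.0)"
    # sshd -T has to read the server config, so it normally needs root.
    if command -v sshd >/dev/null 2>&1; then
        sudo sshd -T 2>/dev/null | server_has_pq_kex \
            && echo "server: supports $PQ_KEX" \
            || echo "server: no $PQ_KEX in KexAlgorithms"
    fi
    # Force the PQ KEX and run a no-op command; -v reports the chosen algorithm.
    got=$(ssh -oKexAlgorithms="$PQ_KEX" -oBatchMode=yes -v "$host" true 2>&1 | negotiated_kex)
    echo "negotiated with $host: ${got:-none}"
fi
```

Note that a KexAlgorithms value containing only this one algorithm, whether on the command line or in a Host block, makes key exchange fail against any server that does not offer it.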

END

That's all!

Appendix I - Reasonably Complete Build Configuration for OpenSSH 8.x on a Linux System

Grab the OpenSSH 8 package and use the following to quickly build the client and server in isolation for testing, in case your distribution doesn't yet have an OpenSSH 8 package.

Install dependencies

sudo apt-get install \
	autotools-dev \
	bc \
	bison \
	build-essential \
	debhelper \
	devscripts \
	dh-autoreconf \
	dh-exec \
	dh-systemd \
	dpkg-dev \
	fakeroot \
	flex \
	libaudit-dev \
	libedit-dev \
	libgtk-3-dev \
	libpam-dev \
	libselinux1-dev \
	libssl-dev \
	libsystemd-dev \
	libwrap0-dev \
	zlib1g-dev

Configure with parameters similar to the Debian defaults.

Note: Choose only one of the XAUTH values depending on whether you want X11Forwarding!

$ export DEFAULT_PATH="/bin:/sbin:/usr/bin:/usr/sbin"
$ export PREFIX="/opt/openssh-8.1p1"
$ export XAUTH="--with-xauth=/usr/bin/xauth"
$ export XAUTH="--without-xauth"
$ ./configure \
	--prefix="${PREFIX}" \
	--sysconfdir="${PREFIX}/etc/ssh" \
	--libexecdir="${PREFIX}/lib/openssh" \
	--with-mantype=doc \
	--with-privsep-path="${PREFIX}/run/sshd" \
	--with-pid-dir="${PREFIX}/run" \
	--with-pam \
	--with-libedit \
	--with-systemd \
	--with-ssl-engine \
	--with-audit=linux \
	${XAUTH} \
	--with-default-path="${DEFAULT_PATH}" \
	--with-superuser-path="${DEFAULT_PATH}" \
	--with-ldflags='-Wl,--as-needed' \
	--with-pie \
	--without-openssl-header-check
$ make -j && sudo make install

The same configuration as a single command line (without systemd support and with xauth disabled):

$ ./configure --prefix=/opt/openssh-8.1p1 --sysconfdir=/opt/openssh-8.1p1/etc/ssh --libexecdir=/opt/openssh-8.1p1/lib/openssh --with-mantype=doc --with-privsep-path=/opt/openssh-8.1p1/run/sshd --with-pid-dir=/opt/openssh-8.1p1/run --with-pam --with-libedit --with-ssl-engine --with-audit=linux --without-xauth --with-default-path=/bin:/sbin:/usr/bin:/usr/sbin --with-superuser-path=/bin:/sbin:/usr/bin:/usr/sbin --with-ldflags='-Wl,--as-needed' --with-pie --without-openssl-header-check
$ make -j && sudo make install

Appendix II - Using Debian package tools to build

$ sudo apt-get update
$ sudo apt-get source openssh-server
$ wget https://ftp4.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.1p1.tar.gz
$ tar -xvzf openssh-8.1p1.tar.gz && cd openssh-8.1p1
$ dpkg-buildpackage -rfakeroot -b
$ cd .. && ls -lrt
$ sudo systemctl stop ssh
$ sudo dpkg -i --force-confold openssh-*.deb
$ sshd -V

#!/bin/bash
# Quick hack to build OpenSSH portable in a way mostly compatible with Debian 12
# Will install to /opt/openssh/openssh-<version>/
set -eu
V=10.0p1
PDIR=/opt/openssh/
export DEFAULT_PATH="/bin:/sbin:/usr/bin:/usr/sbin"
export PREFIX="/opt/openssh/openssh-$V"
# Choose only one XAUTH value: with xauth if you want X11Forwarding, without it otherwise
export XAUTH="--with-xauth=/usr/bin/xauth"
# export XAUTH="--without-xauth"
sudo mkdir -p "$PDIR"
# Fetch the portable release tarball (-c resumes a partial download) and unpack it
wget -c "https://cloudflare.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${V}.tar.gz"
tar -xvf "openssh-${V}.tar.gz"
cd "openssh-$V"
# Same configure flags as the appendix above, parameterised on PREFIX
./configure \
--prefix="${PREFIX}" \
--sysconfdir="${PREFIX}/etc/ssh" \
--libexecdir="${PREFIX}/lib/openssh" \
--with-mantype=doc \
--with-privsep-path="${PREFIX}/run/sshd" \
--with-pid-dir="${PREFIX}/run" \
--with-pam \
--with-libedit \
--with-systemd \
--with-ssl-engine \
--with-audit=linux \
${XAUTH} \
--with-default-path="${DEFAULT_PATH}" \
--with-superuser-path="${DEFAULT_PATH}" \
--with-ldflags='-Wl,--as-needed' \
--with-pie \
--without-openssl-header-check
make -j
sudo make install