Subscribe to the Non-Human & AI Identity Journal
Home FAQ What do security teams get wrong about PQC…

What do security teams get wrong about PQC readiness in SSH?

← Back to all FAQ
By NHI Mgmt Group Editorial Team Updated July 10, 2026

Teams often confuse package availability with real-world protection. A host can support a hybrid algorithm list and still negotiate a classical exchange if the peer, policy, or distro defaults are not aligned. Readiness only exists when the negotiated algorithm is verified in production-like tests, not when the software simply lists PQC support.

Why This Matters for Security Teams

pqc readiness in SSH is easy to misread because the presence of a hybrid cipher list does not prove that endpoints, jump hosts, bastions, and automation clients will actually negotiate it. Security teams often treat “support” as the same thing as “enforced use,” then discover that older peers, distro defaults, or compatibility fallbacks preserve classical key exchange in production. That creates a false sense of resilience during long-lived administrative sessions and machine-to-machine access flows.

This matters because SSH is often the control plane for privileged administration, CI/CD, and non-human access. If the negotiated algorithm is not verified end to end, teams may keep exposing high-value sessions to classical cryptographic assumptions long after they believe they have upgraded. Current guidance from the NIST Cybersecurity Framework 2.0 is to validate protective controls in operating conditions, not on configuration claims alone. NHI Management Group has shown how often identity and credential controls look stronger on paper than in live environments; in its Ultimate Guide to NHIs, only 5.7% of organisations reported full visibility into their service accounts. In practice, many security teams encounter cryptographic fallback only after privileged workflows have already been standardized around weak defaults.

How It Works in Practice

SSH PQC readiness is a negotiation problem first and a software installation problem second. A server can advertise hybrid post-quantum key exchange, but the actual session outcome depends on the client’s supported algorithms, the server’s preference order, library versions, and any middleboxes or orchestration layers that alter defaults. That means readiness must be measured by observed handshakes, not by package inventories or vendor release notes.

Security teams should test the full path used by real administrators and automation. That includes bastions, jump hosts, configuration management tools, backup jobs, and container build systems that initiate SSH non-human access. A practical validation sequence usually includes:

  • Confirming which key exchange algorithms are actually negotiated during live sessions.
  • Checking whether any legacy hosts force a classical fallback when a PQC-capable peer is unavailable.
  • Verifying that automation accounts and service identities inherit the same policy as interactive users.
  • Logging the negotiated algorithm in SIEM so compliance and operations can see drift over time.

The identity connection matters here: SSH is often the transport for privileged NHI activity, so weak cryptographic posture can preserve over-privileged automation paths even when human access is tightly governed. That aligns with the broader NHI risk pattern described in the State of Non-Human Identity Security, where credential and visibility gaps dominate real-world exposure. PQC readiness should therefore be treated as part of identity assurance, not as a standalone crypto checkbox. These controls tend to break down when mixed-distro fleets, old OpenSSH builds, or vendor-managed appliances cannot negotiate the same hybrid algorithms because teams silently allow fallback to keep operations moving.

Common Variations and Edge Cases

Tighter SSH crypto policy often increases operational friction, requiring organisations to balance resilience against compatibility and supportability. That tradeoff is especially visible in estates with embedded devices, older Linux distributions, or third-party appliances where PQC-capable libraries lag behind policy. There is no universal standard for this yet, so best practice is evolving: some teams will enforce hybrid algorithms only on high-value admin paths first, while others stage enforcement by trust tier and business criticality.

Two edge cases deserve attention. First, a “green” result in lab testing may not hold in production if bastions, load balancers, or session recording tools terminate and re-establish SSH in the middle of the path. Second, teams can overestimate readiness when they update only servers; if clients, automation runners, or SDKs are not aligned, the session will still negotiate classical exchange. In regulated environments, document which paths are approved for hybrid use and which remain transitional, then retest after every OS, OpenSSH, or library update. That approach also helps tie PQC adoption back to broader security governance under NIST Cybersecurity Framework 2.0 rather than leaving it as an isolated engineering task.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0, NIST Zero Trust (SP 800-207) and NIST AI RMF set the governance and control requirements practitioners need to meet.

FrameworkControl / ReferenceRelevance
NIST CSF 2.0PR.DSSSH PQC readiness is about protecting data in transit and validating cryptographic posture.
NIST Zero Trust (SP 800-207)SC-23PQC SSH sits inside zero trust session protection and secure channel validation.
OWASP Non-Human Identity Top 10SSH often carries non-human identity traffic, making algorithm fallback an NHI governance issue.
NIST AI RMFIf AI systems use SSH for admin or deployment, crypto readiness affects model and tooling integrity.

Verify approved SSH algorithm use in production and monitor for fallback to weaker transport protection.

NHIMG Editorial Note
Reviewed and updated by the NHIMG editorial team on July 10, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org