Comment by BoppreH
6 hours ago
Late edit: PQC migration also includes sometimes changing configuration files/library invocations to enable the new algorithms, and ensuring that your processes still work during the migration, where you might have both pure classical and PQC/hybrid at the same time.
I just went through some ~/.ssh/config files and realized that, along side the entries for ancient systems that need to be forced to use undesirable ciphers and Kexies, I also had some entries for current systems that stipulated only the "good" values, to "protect me from hypothetical future downgrade attacks". Which means that I wasn't getting the latest PQ Kex, because my entries hadn't been updated since ssh 9.x.
Maybe the best practice here is to have one or more Boppers on your team who send out periodic notifications to update not just algos in libraries but, more importantly, make sure those updates are reflected in the damned configs.
We also really need a cultural shift where it becomes expected that, for any given app, we have something like:
$ ssh --best user@host
which does that for us. Because this is a failure mode that shouldn't even be possible for most users and cases.
There are also scanners that you can deploy to identify vulnerable servers, like https://sshcheck.com/ . Clients are harder to check, but you can always observe your logs.