GitHub announced the deprecation, and eventual disablement, of our use of the below cryptographic standards in a prior post.
TLSv1.1- This applies to all HTTPS connections, including web, API, and Git connections to https://github.com and https://api.github.com.
diffie-hellman-group1-sha1- This applies to all SSH connections to github.com.
diffie-hellman-group14-sha1- This applies to all SSH connections to github.com.
Since publication, we have enabled
diffie-hellman-group-exchange-sha256, which will allow the majority of SSH clients to seamlessly transition away from the deprecated algorithms. As noted in the original announcement, we plan to disable
diffie-hellman-group14-sha1 on February 1, 2018.
For full details on the deprecation update, please see our GitHub Engineering blog post.
As always, if you have any questions, please get in touch.