REQUEST: Add (re-add?) RSA host key support

[VA1DER]

One of TinySSH's stated "features" is that it uses "no older cryptographic primitives - rsa, dsa, classic diffie-hellman, hmac-md5, hmac-sha1, 3des, arcfour, …" While I would agree with almost all crypto in that list as being needing of removal, I am quite surprised by RSA being on that list.

I would like to see RSA host key support added to TinySSH.

All the best ciphers use a 256-bit session key. There is currently no way to protect this with a host key of equivalent strength. ed25519 is a great primitive, but far weaker than the session key it protects. There is a very basic rule that you never transmit keymat over a channel that is less secure than the security level of the keymat being transferred.

The only current host key primitive able to provide 256-bit grade host/client identity assurance is RSA.