On Monday, 12 November 2018, Acquia is making a change to the supported algorithms used by libssh2 on the Acquia Cloud platform. As of Monday, 12 November 2018, we will be removing support for algorithms used by all versions of libssh2 below 1.7.0. Libssh2 is a package used by libgit2, which may be used to communicate with Acquia Git repositories. This change is a part of our ongoing efforts to improve the security and compliance of the Acquia Cloud platform.
Why are you making this change?
Versions of libssh2 below version 1.7.0 do not meet security requirements necessary to remain compliant with FIPS (Federal Information Processing Standards). Acquia is removing support for these older versions of libssh2 to ensure the continued security and compliance of the Acquia Cloud platform.
What does this change mean for my application?
This change does not impact how your application runs on the Acquia Cloud platform; it will not impact your applications availability or functionality.
However, if you are using any external code deployment tools you will need to ensure that these are using a support version of libssh2 to continue to be able to authenticate and push code changes to your Acquia code repository. If you are using a version of libssh2 below 1.7.0, you will need to update your deployment tools in order for your applications and workflows to continue operating as expected after this change is implemented.
How do I know if I will be impacted by this change?
You can check to see if you will be impacted by this change by checking the version of libssh your code deployment tooling is dependent on.
Under Linux, you can use ldd /path/to/your/tool to see if there is a dependency on libssh; if so, your remediation is to just ensure that all your environment's libraries is up to date with the official OS's repositories (e.g. Ubuntu/Canonical, Redhat, Fedora, etc.). For example, here's the official Canonical/Ubuntu notification: https://usn.ubuntu.com/3795-1/