Source: https://cobaltstrike.net/2022/04/11/openssh-now-defends-against-quantum-computer-attacks-by-default/
With the release of OpenSSH version 9 and the adoption of the hybrid key exchange method Streamlined NTRU Prime + x25519, post-quantum cryptography by default appeared.
“The NTRU algorithm resists attacks by future quantum computers and is combined with the X25519 ECDH key exchange (the previous default value) as protection against any weaknesses in NTRU Prime that may be discovered in the future,” the release notes say.
As work on quantum computers moves forward, protection against possible attacks is also being strengthened. Due to the massive parallelism expected from workable quantum computers, traditional cryptography will be easy to crack after such a computer system is created.
In another release of OpenSSH, which mainly focused on bug fixes, the SCP team switched from the legacy default protocol to using SFTP.