OpenSSH 10.1 will issue warnings when the ssh server lacks post-quantum key agreement

OpenSSH 10.1 will be released in early October. This release will start to issue warnings to the user attempts to connect to a server that lacks post-quantum key agreement, e.g.

** WARNING: connection is not using a post-quantum key exchange algorithm.
** This session may be vulnerable to "store now, decrypt later" attacks.
** The server may need to be upgraded. See https://openssh.com/pq.html

More information about this change, including the rationale for it can be found at https://openssh.com/pq.html

AIUI Gitlab uses the Golang x/crypto/ssh server. Fortunately this does support a post-quantum key agreement scheme mlkem768x25519 but only when built with Go 1.24 or greater. Furthermore, this algorithm must be manually enabled for now.

I'm filing to issue to give you some warning of this change and to ask you to please consider enabling this algorithm by default