diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md
index 3266d994363e49..372a20e518c554 100644
--- a/doc/api/deprecations.md
+++ b/doc/api/deprecations.md
@@ -3202,6 +3202,9 @@ option, or a non-nullish non-boolean value for `verbatim` option in
 
 <!-- YAML
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/58706
+    description: End-of-Life.
   - version: v20.0.0
     pr-url: https://github.com/nodejs/node/pull/45653
     description: Runtime deprecation.
@@ -3210,10 +3213,9 @@ changes:
     description: Documentation-only deprecation.
 -->
 
-Type: Runtime
+Type: End-of-Life
 
-The `'hash'` and `'mgf1Hash'` options are replaced with `'hashAlgorithm'`
-and `'mgf1HashAlgorithm'`.
+Use  `'hashAlgorithm'` instead of `'hash'`, and `'mgf1HashAlgorithm'` instead of `'mgf1Hash'`.
 
 ### DEP0155: Trailing slashes in pattern specifier resolutions
 
diff --git a/lib/internal/crypto/keygen.js b/lib/internal/crypto/keygen.js
index e3f3e3e6b9ac82..3d1ba4a883417b 100644
--- a/lib/internal/crypto/keygen.js
+++ b/lib/internal/crypto/keygen.js
@@ -195,7 +195,7 @@ function createJob(mode, type, options) {
       }
 
       const {
-        hash, mgf1Hash, hashAlgorithm, mgf1HashAlgorithm, saltLength,
+        hashAlgorithm, mgf1HashAlgorithm, saltLength,
       } = options;
 
       if (saltLength !== undefined)
@@ -204,27 +204,27 @@ function createJob(mode, type, options) {
         validateString(hashAlgorithm, 'options.hashAlgorithm');
       if (mgf1HashAlgorithm !== undefined)
         validateString(mgf1HashAlgorithm, 'options.mgf1HashAlgorithm');
-      if (hash !== undefined) {
-        process.emitWarning(
-          '"options.hash" is deprecated, ' +
-          'use "options.hashAlgorithm" instead.',
-          'DeprecationWarning',
-          'DEP0154');
-        validateString(hash, 'options.hash');
-        if (hashAlgorithm && hash !== hashAlgorithm) {
-          throw new ERR_INVALID_ARG_VALUE('options.hash', hash);
-        }
+      if (options.hash !== undefined) {
+        // This API previously accepted a `hash` option that was deprecated
+        // and removed. However, in order to make the change more visible, we
+        // opted to throw an error if hash is specified rather than removing it
+        // entirely.
+        throw new ERR_INVALID_ARG_VALUE(
+          'options.hash',
+          options.hash,
+          'is no longer supported',
+        );
       }
-      if (mgf1Hash !== undefined) {
-        process.emitWarning(
-          '"options.mgf1Hash" is deprecated, ' +
-          'use "options.mgf1HashAlgorithm" instead.',
-          'DeprecationWarning',
-          'DEP0154');
-        validateString(mgf1Hash, 'options.mgf1Hash');
-        if (mgf1HashAlgorithm && mgf1Hash !== mgf1HashAlgorithm) {
-          throw new ERR_INVALID_ARG_VALUE('options.mgf1Hash', mgf1Hash);
-        }
+      if (options.mgf1Hash !== undefined) {
+        // This API previously accepted a `mgf1Hash` option that was deprecated
+        // and removed. However, in order to make the change more visible, we
+        // opted to throw an error if mgf1Hash is specified rather than removing
+        // it entirely.
+        throw new ERR_INVALID_ARG_VALUE(
+          'options.mgf1Hash',
+          options.mgf1Hash,
+          'is no longer supported',
+        );
       }
 
       return new RsaKeyPairGenJob(
@@ -232,8 +232,8 @@ function createJob(mode, type, options) {
         kKeyVariantRSA_PSS,
         modulusLength,
         publicExponent,
-        hashAlgorithm || hash,
-        mgf1HashAlgorithm || mgf1Hash,
+        hashAlgorithm,
+        mgf1HashAlgorithm,
         saltLength,
         ...encoding);
     }
diff --git a/test/parallel/test-crypto-keygen-deprecation.js b/test/parallel/test-crypto-keygen-deprecation.js
deleted file mode 100644
index 926dfbbc4ae987..00000000000000
--- a/test/parallel/test-crypto-keygen-deprecation.js
+++ /dev/null
@@ -1,49 +0,0 @@
-'use strict';
-
-const common = require('../common');
-if (!common.hasCrypto)
-  common.skip('missing crypto');
-
-const DeprecationWarning = [];
-DeprecationWarning.push([
-  '"options.hash" is deprecated, use "options.hashAlgorithm" instead.',
-  'DEP0154']);
-DeprecationWarning.push([
-  '"options.mgf1Hash" is deprecated, use "options.mgf1HashAlgorithm" instead.',
-  'DEP0154']);
-
-common.expectWarning({ DeprecationWarning });
-
-const assert = require('assert');
-const { generateKeyPair } = require('crypto');
-
-{
-  // This test makes sure deprecated options still work as intended
-
-  generateKeyPair('rsa-pss', {
-    modulusLength: 512,
-    saltLength: 16,
-    hash: 'sha256',
-    mgf1Hash: 'sha256'
-  }, common.mustSucceed((publicKey, privateKey) => {
-    assert.strictEqual(publicKey.type, 'public');
-    assert.strictEqual(publicKey.asymmetricKeyType, 'rsa-pss');
-    assert.deepStrictEqual(publicKey.asymmetricKeyDetails, {
-      modulusLength: 512,
-      publicExponent: 65537n,
-      hashAlgorithm: 'sha256',
-      mgf1HashAlgorithm: 'sha256',
-      saltLength: 16
-    });
-
-    assert.strictEqual(privateKey.type, 'private');
-    assert.strictEqual(privateKey.asymmetricKeyType, 'rsa-pss');
-    assert.deepStrictEqual(privateKey.asymmetricKeyDetails, {
-      modulusLength: 512,
-      publicExponent: 65537n,
-      hashAlgorithm: 'sha256',
-      mgf1HashAlgorithm: 'sha256',
-      saltLength: 16
-    });
-  }));
-}
diff --git a/test/parallel/test-crypto-keygen-duplicate-deprecated-option.js b/test/parallel/test-crypto-keygen-duplicate-deprecated-option.js
deleted file mode 100644
index 854ad6e35efcd3..00000000000000
--- a/test/parallel/test-crypto-keygen-duplicate-deprecated-option.js
+++ /dev/null
@@ -1,43 +0,0 @@
-'use strict';
-
-const common = require('../common');
-if (!common.hasCrypto)
-  common.skip('missing crypto');
-
-const assert = require('assert');
-const {
-  generateKeyPair,
-} = require('crypto');
-
-// This test makes sure deprecated and new options may be used
-// simultaneously so long as they're identical values.
-{
-  generateKeyPair('rsa-pss', {
-    modulusLength: 512,
-    saltLength: 16,
-    hash: 'sha256',
-    hashAlgorithm: 'sha256',
-    mgf1Hash: 'sha256',
-    mgf1HashAlgorithm: 'sha256'
-  }, common.mustSucceed((publicKey, privateKey) => {
-    assert.strictEqual(publicKey.type, 'public');
-    assert.strictEqual(publicKey.asymmetricKeyType, 'rsa-pss');
-    assert.deepStrictEqual(publicKey.asymmetricKeyDetails, {
-      modulusLength: 512,
-      publicExponent: 65537n,
-      hashAlgorithm: 'sha256',
-      mgf1HashAlgorithm: 'sha256',
-      saltLength: 16
-    });
-
-    assert.strictEqual(privateKey.type, 'private');
-    assert.strictEqual(privateKey.asymmetricKeyType, 'rsa-pss');
-    assert.deepStrictEqual(privateKey.asymmetricKeyDetails, {
-      modulusLength: 512,
-      publicExponent: 65537n,
-      hashAlgorithm: 'sha256',
-      mgf1HashAlgorithm: 'sha256',
-      saltLength: 16
-    });
-  }));
-}
diff --git a/test/parallel/test-crypto-keygen.js b/test/parallel/test-crypto-keygen.js
index edaee845075668..e0515c15776fc6 100644
--- a/test/parallel/test-crypto-keygen.js
+++ b/test/parallel/test-crypto-keygen.js
@@ -800,22 +800,3 @@ const { hasOpenSSL3 } = require('../common/crypto');
     message: 'Invalid MGF1 digest: sha2'
   });
 }
-
-{
-  // This test makes sure deprecated and new options must
-  // be the same value.
-
-  assert.throws(() => generateKeyPair('rsa-pss', {
-    modulusLength: 512,
-    saltLength: 16,
-    mgf1Hash: 'sha256',
-    mgf1HashAlgorithm: 'sha1'
-  }, common.mustNotCall()), { code: 'ERR_INVALID_ARG_VALUE' });
-
-  assert.throws(() => generateKeyPair('rsa-pss', {
-    modulusLength: 512,
-    saltLength: 16,
-    hash: 'sha256',
-    hashAlgorithm: 'sha1'
-  }, common.mustNotCall()), { code: 'ERR_INVALID_ARG_VALUE' });
-}