OpenSSH private key encryption: time for AES?

Wed Jan 21 13:23:22 EST 2009

Jim Knoble wrote:
> Alternatively:
> 
>     # Encrypt with AES-256:
>     ssh-keygen -t rsa -A
> 
>     # Encrypt with 3DES:
>     ssh-keygen -t rsa -3
> 
>     # Use default encryption:
>     ssh-keygen -t rsa
> 
> Finally:
> 
>     # Encrypt with AES-256:
>     ssh-keygen -t rsa
> 
>     # Encrypt with 3DES ('-O' for "old"):
>     ssh-keygen -t rsa -O:1

I like both these ideas.

//Peter