[patch] ssh-keygen(1): generate Ed25519 keys when invoked without arguments
Stuart Henderson
stu at spacehopper.org
Mon Sep 4 08:35:20 AEST 2023
On 2023/09/03 22:13, Job Snijders wrote:
> Dear all,
>
> Ed25519 public keys being as small as they are is very convenient.
> There is an opportunity to nudge the world towards modern algorithms.
> I believe choices made in OpenSSH can positively impact the wider
> eco-system and industry. I'd like to suggest ssh-keygen to generate an
> Ed25519 keypair, if invoked without any arguments.
>
> OpenSSH has supported Ed25519 since version 6.5 (January 2014).
> The newly published FIPS 186-5 (February 2023) guidelines approve
> the EdDSA algorithms specified in IETF RFC 8032 (January 2017).
amazingly, even Mikrotik finally added support (August 2023)...
> At p2k23 Theo de Raadt suggested now (before OpenBSD 7.4 release) is
> good timing to consider this change. Is there a reason not to do this?
>
> OK?
Seems a sane default to me. People can always use -t rsa if needed.
More information about the openssh-unix-dev
mailing list