[patch] ssh-keygen(1): generate Ed25519 keys when invoked without arguments

Damien Miller djm at mindrot.org
Wed Sep 6 11:18:10 AEST 2023


On Mon, 4 Sep 2023, Thorsten Glaser wrote:

> On Sun, 3 Sep 2023, Stuart Henderson wrote:
> 
> >> OpenSSH has supported Ed25519 since version 6.5 (January 2014).
> 
> >amazingly, even Mikrotik finally added support (August 2023)...
> 
> >Seems a sane default to me. People can always use -t rsa if needed.
> 
> I’d rather not.
> 
> Almost all *25519* code in existence is derived from DJB’s which
> is labelled as being in the public domain, but lacks a fallback
> licence for those jurisdictions where people cannot just waive
> copyright (and DJB is notorious for not handing out those). I know
> of one independent implementation under GPL, which would therefore
> not be a choice.

This is irrelevant to the choice of the default algorithm. OpenSSH
includes this code (written by Matt Dempsky, not djb) regardless of
what the default happens to be.

Anyway, Job's change has been committed and the default will be
ed25519 in OpenSSH 9.5.

-d


More information about the openssh-unix-dev mailing list