Home ยป OpenSSH is preparing to change the default key generation process from RSA to Ed25519

OpenSSH is preparing to change the default key generation process from RSA to Ed25519

The ssh-keygen program used to generate keys for Secure Shell logins under the OpenSSH project is preparing to change the default key generation process from RSA to Ed25519. The Ed25519 key is an elliptic curve key that has been supported in OpenSSH since version 6.5, which was released almost ten years ago in 2014. One clear advantage of the Ed25519 key is that it is much smaller in size and overall more efficient. The key exchange process still uses the Diffie Hellman algorithm. OpenSSH supports three types of RSA keys: RSA-SHA1, which is easily hackable, RSA-SHA256, and RSA-SHA2-512. OpenSSH has already discontinued the use of RSA-SHA1, but the other two types are still in use as the main choices since OpenSSH 7.2. Although OpenSSH supports other elliptic curve authentication processes such as ECDSA, Ed25519 was introduced later.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

SecureShell Vulnerability Patch Revealed Ahead of RHEL by AlmaLinux

OpenSSH Announcement: Complete Dissolution of DSA Key Code Unveiled for the Onset of 2025.

Enhanced Security Measures: OpenSSH Unveils Version 9.5 Incorporating Ed25519 Keys and Time Lock Feature