With my last team, at the request of Ryan, our CTO, I stopped using RSA for my public keys and started using Ed25519.
Ed25519 uses elliptic curve cryptography with good security and performance. That's the real reason to use it.
My favorite thing, though, is when the whole team uses Ed25519, a server's ~/.ssh/authorized_keys
file looks 😍:
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAePksB5aPc6sww+RMzJwpVuDhRAgzOKP1Q/o3suIbw alice@home.local
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEB/O/VwAvqWIV/EN9aHjHAg/9JYsX/Ce2yvr5wPI3gZ bob@work.local
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAYG1rgF4YSSBwtinbhFLR/Qeah11jYcQpf6lX4yql60 carol@home.local
Create the key:
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -C "$(whoami)@$(hostname)"
Start the SSH agent:
eval "$(ssh-agent -s)"
Update ~/.ssh/config
:
Host *
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/id_ed25519
Host github.com
Hostname ssh.github.com
Port 443
Add the private key to the SSH agent on macOS:
ssh-add -K ~/.ssh/id_ed25519
Top comments (0)