Solved generating ssh key pair

Hi,

Could anyone advise on which of this 2 methods is the most secure?
ssh-keygen -b 4096 -f ~/.ssh/id_rsa4096_test -C fred@freebsd_test -o -a 500
or
ssh-keygen -t ed25519 -f ~/.ssh/fred_ed25519_test

My understanding is that ed25519 is the most secure but I am not sure
 
ed25519 is new(ish) and was chosen due to mistrust of the EC supported by the NSA and to be faster. It is not supported by all implementations of OpenSSH (I didn't see it referenced in the OpenBSD man page for ssh-keygen for instance).

RSA has been around for a long time and has not yet been broken. But as computing speed increases its usefulness goes down.

Personally, I would create both. If one is broken in the future, you can remove it from your authorized_keys files and continue using the other.
 
Hi,

Could anyone advise on which of this 2 methods is the most secure?
ssh-keygen -b 4096 -f ~/.ssh/id_rsa4096_test -C fred@freebsd_test -o -a 500
or
ssh-keygen -t ed25519 -f ~/.ssh/fred_ed25519_test

My understanding is that ed25519 is the most secure but I am not sure

Thank you kindly. Worked like a charm! :)
 
Back
Top