another meaningless subtitle

Generate a secure SSH key

· by fabio · Read in about 1 min · (114 Words)
CentOS cryptography curve fedora openssh public key SSH

In Fedora, CentOS and probably many other Linux distros “ssh-keygen” still defaults to RSA 2048.
People have not yet realized that the newer, and also faster, elliptic curve cryptography is available; even between my peers I still see that many of them are using old and insecure RSA based keys.
Since SSH clients support multiple keys transitioning to newer keys can be painless:
1. create a new elliptic curve key;
2. do not delete the old RSA key;
3. once you login into a server swap the old key with the new one.
Generating a new secure SSH key is pretty simple, just open a terminal and run:

ssh-keygen -o -a 256 -t ed25519