Large steps were made in 2018, so we're nearly there, but on older systems or for older servers (like CentOS/RHEL < 7 or Ubuntu < 15.04), you can generate a similarly-complex RSA key with 4096 bits: ssh-keygen -t rsa -b 4096 -o -a 100 However, Ed25519 is a rather new key algorithm ( Curve25519's popularity spiked only when it was surmised that other standards had been diluted) and its adoption is not yet universal. The -a 100 option specifies 100 rounds of key derivations, making your key's password harder to brute-force.
These have complexity akin to RSA at 4096 bits thanks to elliptic curve cryptography (ECC).
I recommend the Secure Secure Shell article, which suggests: ssh-keygen -t ed25519 -a 100Įd25519 is an EdDSA scheme with very small (fixed size) keys, introduced in OpenSSH 6.5 () and made default ("first-preference") in OpenSSH 8.5 ().
0 kommentar(er)
