Dear all, Ed25519 public keys being as small as they are is very convenient. There is an opportunity to nudge the world towards modern algorithms. I believe choices made in OpenSSH can positively impact the wider eco-system and industry. I'd like to suggest ssh-keygen to generate an Ed25519 keypair, if invoked without any arguments. OpenSSH has supported Ed25519 since version 6.5 (January 2014). The newly published FIPS 186-5 (February 2023) guidelines approve the EdDSA algorithms specified in IETF RFC 8032 (January 2017). At p2k23 Theo de Raadt suggested now (before OpenBSD 7.4 release) is good timing to consider this change. Is there a reason not to do this? OK? Kind regards, Job Further reading: Original Ed25519 paper: https://ed25519.cr.yp.to/ed25519-20110926.pdf IETF RFC 8032: https://datatracker.ietf.org/doc/html/rfc8032 FIPS 186-5: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf Index: ssh-keygen.1 =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.1,v retrieving revision 1.229 diff -u -p -r1.229 ssh-keygen.1 --- ssh-keygen.1 23 Jul 2023 20:04:45 -0000 1.229 +++ ssh-keygen.1 3 Sep 2023 21:29:11 -0000 @@ -185,7 +185,7 @@ The type of key to be generated is speci option. If invoked without any arguments, .Nm -will generate an RSA key. +will generate an Ed25519 key. .Pp .Nm is also used to generate groups for use in Diffie-Hellman group Index: ssh-keygen.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.c,v retrieving revision 1.470 diff -u -p -r1.470 ssh-keygen.c --- ssh-keygen.c 17 Jul 2023 04:01:10 -0000 1.470 +++ ssh-keygen.c 3 Sep 2023 21:29:12 -0000 @@ -61,11 +61,7 @@ #include "ssh-pkcs11.h" #endif -#ifdef WITH_OPENSSL -# define DEFAULT_KEY_TYPE_NAME "rsa" -#else -# define DEFAULT_KEY_TYPE_NAME "ed25519" -#endif +#define DEFAULT_KEY_TYPE_NAME "ed25519" /* * Default number of bits in the RSA, DSA and ECDSA keys. These value can be @@ -252,7 +248,7 @@ ask_filename(struct passwd *pw, const ch char *name = NULL; if (key_type_name == NULL) - name = _PATH_SSH_CLIENT_ID_RSA; + name = _PATH_SSH_CLIENT_ID_ED25519; else { switch (sshkey_type_from_name(key_type_name)) { case KEY_DSA_CERT: _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev