On 2023/09/03 22:13, Job Snijders wrote: > Dear all, > > Ed25519 public keys being as small as they are is very convenient. > There is an opportunity to nudge the world towards modern algorithms. > I believe choices made in OpenSSH can positively impact the wider > eco-system and industry. I'd like to suggest ssh-keygen to generate an > Ed25519 keypair, if invoked without any arguments. > > OpenSSH has supported Ed25519 since version 6.5 (January 2014). > The newly published FIPS 186-5 (February 2023) guidelines approve > the EdDSA algorithms specified in IETF RFC 8032 (January 2017). amazingly, even Mikrotik finally added support (August 2023)... > At p2k23 Theo de Raadt suggested now (before OpenBSD 7.4 release) is > good timing to consider this change. Is there a reason not to do this? > > OK? Seems a sane default to me. People can always use -t rsa if needed. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
