Default OpenSSH Key Algorithm Changes to Ed25519

Posted on 2023. Dec 01

The default key type that ssh-keygen generates changed from RSA to Ed25519 in OpenSSH 9.5 (released October 2023). But don't worry: in most cases everything will keep working just fine.

Bottom line: your existing RSA keys will keep working, and new Ed25519 keys will also work on nearly every server you connect to.

Ed25519 vs RSA

RSA has been the default key type for ssh-keygen for a long time, even though it is no longer the best choice. RSA has served well for decades, but its security rests on the difficulty of factoring, so key sizes have had to keep growing (ssh-keygen's default RSA key is now 3072 bits), and the resulting public keys are long and cumbersome to handle. Since OpenSSH 8.8 the SHA-1-based ssh-rsa signature scheme is also disabled by default; the keys themselves still work with the rsa-sha2-256 and rsa-sha2-512 signature schemes, but very old clients and servers that only speak ssh-rsa will fail.

Ed25519, on the other hand, is an elliptic-curve signature scheme: Daniel J. Bernstein published Curve25519 in 2006 and the Ed25519 signature scheme in 2011, and OpenSSH has supported it since version 6.5 (January 2014). Its 256-bit keys give roughly a 128-bit security level, comparable to 3072-bit RSA, with faster signing, no key size or other parameters to choose wrongly, and reference implementations designed to run in constant time. The public key is also much shorter, as you can see in this picture:

Ed25519 SSH Key Generation

Don't worry, this was just a test key which is already deleted. Do NOT use it.

How to Generate an SSH Key Pair

Run ssh-keygen in a terminal window and follow the prompts. With no arguments it uses the defaults of the OpenSSH version you have installed, which may still be RSA on older releases. The first line it prints ("Generating public/private ... key pair.") tells you which algorithm it is using.

Warning: don't let it overwrite an existing key you still need. Give it a different file name at the prompt (or with the -f option) instead.

When it's finished, the file name you chose holds the private key, and a file with the same name plus a .pub extension holds the public key, which is the part you copy to servers.

How to Generate an Ed25519 Key Pair

If ssh-keygen says "Generating public/private rsa key pair." then you don't have OpenSSH 9.5 or later yet. That's alright; to force it to use Ed25519, pass the key type explicitly:

ssh-keygen -t ed25519

Ed25519 keys work against any server running OpenSSH 6.5 or later, so you can go ahead and use them without worry; only very old servers (and some appliances or embedded devices with their own SSH stacks) lack support. You can list the key types your own client understands with ssh -Q key. One notable exception was AWS EC2, which didn't offer Ed25519 support for its EC2 Instance Connect and EC2 Serial Console features until January 2022. But even before that, if you only needed to SSH in from your own terminal (on a local machine or a datacenter jump box), you could still use Ed25519 on AWS.
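To see concretely why an Ed25519 public key is so much shorter than an RSA one, and what the .pub file actually contains, here is a small stdlib-only parser for OpenSSH public-key lines. This is an added example, not code from the original post or from OpenSSH. It decodes the base64 blob, checks that the key type embedded in the blob matches the type at the start of the line (a spliced or hand-edited line fails this check), reports the key size the way ssh-keygen -l does, and computes the SHA256 fingerprint in ssh-keygen's format. The two sample lines are constructed in the code for demonstration and are not real key pairs.

```python
"""Parse OpenSSH public-key lines (id_*.pub / authorized_keys format).

Added example, not code from the original post or from OpenSSH. Uses only the
standard library and two constructed sample keys, so it runs offline.
The blob is a base64 encoding of length-prefixed SSH "strings"
(4-byte big-endian length followed by the bytes, RFC 4251 section 5).
"""
import base64
import hashlib
import struct


def _ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire 'string'."""
    return struct.pack(">I", len(data)) + data


def _ssh_mpint(value: int) -> bytes:
    """Encode a non-negative integer as an SSH 'mpint' (leading 0x00 if high bit set)."""
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big") or b"\x00"
    if raw[0] & 0x80:
        raw = b"\x00" + raw
    return _ssh_string(raw)


def _read_string(blob: bytes, offset: int):
    """Read one SSH 'string' at offset; return (bytes, next_offset)."""
    if offset + 4 > len(blob):
        raise ValueError("truncated blob")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    start, end = offset + 4, offset + 4 + length
    if end > len(blob):
        raise ValueError("truncated blob")
    return blob[start:end], end


def parse_public_key(line: str) -> dict:
    """Parse one '<type> <base64> [comment]' line from a .pub file.

    Returns the algorithm, key size in bits (as ssh-keygen -l reports it),
    the SHA256 fingerprint in ssh-keygen's format, the comment, and the length
    of the base64 text, which is what makes RSA keys look so long.
    """
    parts = line.split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, b64 = parts[0], parts[1]
    comment = parts[2].strip() if len(parts) == 3 else ""
    blob = base64.b64decode(b64, validate=True)

    # The first wire string inside the blob repeats the key type; a mismatch
    # means the line was edited or spliced together and should be rejected.
    embedded_type, offset = _read_string(blob, 0)
    if embedded_type != key_type.encode():
        raise ValueError(f"type mismatch: {key_type!r} vs {embedded_type!r}")

    if key_type == "ssh-ed25519":
        point, offset = _read_string(blob, offset)   # 32-byte curve point
        if len(point) != 32:
            raise ValueError("ed25519 public key must be 32 bytes")
        bits = 256
    elif key_type == "ssh-rsa":
        _e_bytes, offset = _read_string(blob, offset)  # public exponent e
        n_bytes, offset = _read_string(blob, offset)   # modulus n
        bits = int.from_bytes(n_bytes, "big").bit_length()
    else:
        raise ValueError(f"unsupported key type {key_type!r}")
    if offset != len(blob):
        raise ValueError("trailing bytes after key material")

    digest = hashlib.sha256(blob).digest()
    fingerprint = "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
    return {"type": key_type, "bits": bits, "fingerprint": fingerprint,
            "comment": comment, "base64_chars": len(b64)}


def is_valid_line(line: str) -> bool:
    """True if parse_public_key accepts the line, False if it rejects it."""
    try:
        parse_public_key(line)
        return True
    except ValueError:
        return False


def make_sample_line(key_type: str, comment: str) -> str:
    """Build a CONSTRUCTED .pub line for demonstration; not a real key pair."""
    if key_type == "ssh-ed25519":
        blob = _ssh_string(b"ssh-ed25519") + _ssh_string(bytes(range(32)))
    elif key_type == "ssh-rsa":
        # A 3072-bit odd modulus made from deterministic filler bytes.
        n = int.from_bytes(hashlib.sha512(b"constructed").digest() * 6, "big")
        n |= (1 << 3071) | 1
        blob = _ssh_string(b"ssh-rsa") + _ssh_mpint(65537) + _ssh_mpint(n)
    else:
        raise ValueError(key_type)
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}".rstrip()


if __name__ == "__main__":
    for kind in ("ssh-ed25519", "ssh-rsa"):
        info = parse_public_key(make_sample_line(kind, "demo@example"))
        print(f"{info['type']:12} {info['bits']:5} bits  "
              f"{info['base64_chars']:4} base64 chars  {info['fingerprint']}")
```

Run it and the Ed25519 line comes out at 68 base64 characters against 544 for a 3072-bit RSA line, which is the size difference the screenshot above shows. The type check matters in practice: when you paste lines into authorized_keys, a line whose leading type does not match the blob is a sign of a copy-and-paste accident or tampering, and OpenSSH itself will not accept it.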

If, for some reason, you still need to generate an RSA key, run this (the -b 4096 asks for a 4096-bit key; the default is 3072):

ssh-keygen -t rsa -b 4096

Happy hacking!

This article, and all articles on this blog, were written without the use of any AI, GPT, or Language Learning Models. It's old fashioned I guess.