Time to upgrade to Ed25519

Motivation

When was the last time you created or upgraded your SSH key? And did you use the latest recommended public-key algorithm? If it was more than five years ago and you generated your SSH key with the default options, you probably ended up using the RSA algorithm with a key size of less than 2048 bits.

Ed25519 Benefits

Ed25519 (introduced in OpenSSH 6.5) uses elliptic-curve cryptography that offers better security and faster performance than RSA or ECDSA.

Today, RSA is the most widely used public-key algorithm for SSH keys. Compared to Ed25519, it is slower, and it is even considered a security risk if the key is generated smaller than 2048 bits.

An Ed25519 public key is compact: it contains only 68 characters, compared to 544 characters for an RSA 3072 key. Generating a key is also almost as fast as signing. Ed25519 performs batch signature verification quickly and is built to be collision resilient.

Why not switch?

Generating an Ed25519 Key

Why not keep your old SSH keys and generate a new one that uses Ed25519? (You can have multiple keys on a machine.) This way you can still log into any of your remote hosts, then gradually replace the authorized keys with your new Ed25519 public key.

In a terminal, type the following command to generate an SSH key that uses the Ed25519 algorithm:

  • -o: Save the private key using the new OpenSSH format rather than the PEM format (implied when the key type is ed25519).
  • -a: The number of KDF (Key Derivation Function) rounds. Higher numbers = slower passphrase verification = higher resistance to brute-force password cracking.
  • -t: Specifies the type of key to create, in this case ed25519.
  • -f: Specifies the filename of the generated key file.
  • -C: Specifies a comment. It is purely informational and can be anything, but it is usually filled with the user@hostname that generated the key.
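The following is an added example, not a command from the original post: a small POSIX shell script that runs ssh-keygen with the five options described above and then inspects the resulting public key so you can confirm it really is an Ed25519 key. The key file name and comment are passed as arguments (assumed values), 100 KDF rounds is an assumed choice, and `-N ""` (empty passphrase) plus `-q` are used only so the script runs non-interactively; for a real key drop `-N ""` and let ssh-keygen prompt for a passphrase.

```shell
#!/bin/sh
# Added example (not from the original post): generate an Ed25519 SSH key with
# the options listed above and inspect the resulting public key.

# generate_ed25519_key KEYFILE [COMMENT]
#   -o  new OpenSSH private-key format (implied for ed25519 anyway)
#   -a  100 KDF rounds (assumed value; higher = slower passphrase checks)
#   -t  key type ed25519
#   -f  output file; the public key lands in KEYFILE.pub
#   -C  comment, defaulting to user@host like ssh-keygen itself would
#   -N "" and -q are only here so the example runs non-interactively;
#   omit -N for a real key so you are prompted for a passphrase.
generate_ed25519_key() {
    keyfile=$1
    comment=${2:-"$(id -un)@$(hostname)"}
    ssh-keygen -o -a 100 -t ed25519 -f "$keyfile" -C "$comment" -N "" -q
}

# pubkey_type KEYFILE.pub -> prints the key-type field (expected: ssh-ed25519)
pubkey_type() {
    awk '{ print $1 }' "$1"
}

# pubkey_blob_length KEYFILE.pub -> prints the length of the base64 key blob
# (an Ed25519 public key blob is 51 bytes, which base64 encodes to 68 chars)
pubkey_blob_length() {
    awk '{ print length($2) }' "$1"
}

# pubkey_fingerprint KEYFILE.pub -> prints the SHA256:... fingerprint
pubkey_fingerprint() {
    ssh-keygen -lf "$1" | awk '{ print $2 }'
}

# Stand-alone demo: run as "sh keygen.sh --demo" to generate a throwaway key in
# a temporary directory and print what the helpers report about it.
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp -d)
    generate_ed25519_key "$tmp/id_ed25519" "demo@example"
    echo "type:        $(pubkey_type "$tmp/id_ed25519.pub")"
    echo "blob length: $(pubkey_blob_length "$tmp/id_ed25519.pub")"
    echo "fingerprint: $(pubkey_fingerprint "$tmp/id_ed25519.pub")"
    rm -rf "$tmp"
fi
```

The blob-length check is the compactness claim from the benefits section made concrete: the wire encoding of an Ed25519 public key is 4 + 11 + 4 + 32 = 51 bytes, so the base64 field in the `.pub` file is always 68 characters, and a different length means the file is not an Ed25519 key.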

Adding Your Key to SSH Agent

You can find your newly generated private key at ~/.ssh/id_ed25519 and your public key at ~/.ssh/id_ed25519.pub. Always remember that your public key lives on the target host for authentication.

Before adding your new private key to the SSH agent, make sure that the SSH agent is running by executing the following command:

eval "$(ssh-agent -s)"

Then run the following command to add your newly generated Ed25519 key to the SSH agent:

ssh-add -K ~/.ssh/id_ed25519

Or if you want to add all of the available keys under the default .ssh directory, simply run:

ssh-add
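The following is an added example, not part of the original post: a POSIX shell script that starts an agent for the current shell, adds a key, and verifies the key is actually loaded by comparing the fingerprint reported by `ssh-add -l` with the one computed from the `.pub` file with `ssh-keygen -lf`. The key path is an assumed argument. It uses plain `ssh-add` rather than `ssh-add -K`: `-K` is the Apple-specific Keychain flag shown above (macOS 12 and later spell it `--apple-use-keychain`), and on non-Apple OpenSSH 8.2 and later `-K` means something different (load resident keys from a FIDO authenticator).

```shell
#!/bin/sh
# Added example (not from the original post): load an Ed25519 key into
# ssh-agent and verify that the agent really holds it.

# start_agent: start ssh-agent and export SSH_AUTH_SOCK / SSH_AGENT_PID into
# this shell (the same eval "$(ssh-agent -s)" idiom as in the text)
start_agent() {
    eval "$(ssh-agent -s)" >/dev/null
}

# stop_agent: kill the agent started by start_agent (uses SSH_AGENT_PID)
stop_agent() {
    ssh-agent -k >/dev/null 2>&1 || true
}

# add_key PRIVATE_KEY_FILE: add one identity; ssh-add prompts for the
# passphrase if the key has one
add_key() {
    ssh-add "$1" 2>/dev/null
}

# loaded_key_count -> number of identities the agent currently holds
# (ssh-add -l prints one "bits fingerprint comment (type)" line per key and
# exits 1 with a message when there are none, hence the grep -c fallback)
loaded_key_count() {
    ssh-add -l 2>/dev/null | grep -c '^[0-9]' || true
}

# key_is_loaded PRIVATE_KEY_FILE -> exit 0 if the agent holds this key,
# decided by matching the SHA256 fingerprint of PRIVATE_KEY_FILE.pub
key_is_loaded() {
    want=$(ssh-keygen -lf "$1.pub" | awk '{ print $2 }')
    ssh-add -l 2>/dev/null | awk '{ print $2 }' | grep -qx -- "$want"
}

# Stand-alone demo: "sh agent.sh --demo ~/.ssh/id_ed25519"
if [ "${1:-}" = "--demo" ]; then
    key=${2:-"$HOME/.ssh/id_ed25519"}
    start_agent
    add_key "$key"
    echo "identities loaded: $(loaded_key_count)"
    if key_is_loaded "$key"; then
        echo "$key is loaded in the agent"
    else
        echo "$key is NOT loaded in the agent"
    fi
    stop_agent
fi
```

Checking the fingerprint rather than just the exit status of `ssh-add` is the useful habit here: the same comparison tells you which of several loaded identities is the new Ed25519 key, and it is what you would compare against the `authorized_keys` entry on a remote host when tracking down which key is still an old RSA one.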

Notes for macOS users

If you are using macOS High Sierra 10.13.6 or later, to load the keys automatically and store the passphrases in the Keychain, you need to configure your ~/.ssh/config file:

Host *
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile ~/.ssh/id_ed25519
  IdentityFile ~/.ssh/id_rsa

Once the SSH config file is updated, add the private key to the SSH agent:

ssh-add -K ~/.ssh/id_ed25519