Job Snijders
2022-Nov-06 13:43 UTC
[patch] ssh-keygen(1): by default generate ed25519 key (instead of rsa)
Dear all,

Support for using Ed25519 for server and user authentication was introduced in OpenSSH 6.5. I like the compactness of Ed25519 public keys. Perhaps now is a good time to make Ed25519 the default when invoking ssh-keygen(1) without arguments?

Kind regards,

Job

Index: ssh-keygen.1 ==================================================================RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.1,v retrieving revision 1.226 diff -u -p -r1.226 ssh-keygen.1 --- ssh-keygen.1 10 Sep 2022 08:50:53 -0000 1.226 +++ ssh-keygen.1 6 Nov 2022 13:31:19 -0000 @@ -185,7 +185,7 @@ The type of key to be generated is speci option. If invoked without any arguments, .Nm -will generate an RSA key. +will generate an ed25519 key. .Pp .Nm is also used to generate groups for use in Diffie-Hellman group Index: ssh-keygen.c ==================================================================RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.c,v retrieving revision 1.459 diff -u -p -r1.459 ssh-keygen.c --- ssh-keygen.c 11 Aug 2022 01:56:51 -0000 1.459 +++ ssh-keygen.c 6 Nov 2022 13:31:21 -0000 @@ -61,12 +61,6 @@ #include "ssh-pkcs11.h" #endif -#ifdef WITH_OPENSSL -# define DEFAULT_KEY_TYPE_NAME "rsa" -#else -# define DEFAULT_KEY_TYPE_NAME "ed25519" -#endif - /* * Default number of bits in the RSA, DSA and ECDSA keys. These value can be * overridden on the command line. @@ -252,7 +246,7 @@ ask_filename(struct passwd *pw, const ch char *name = NULL; if (key_type_name == NULL) - name = _PATH_SSH_CLIENT_ID_RSA; + name = _PATH_SSH_CLIENT_ID_ED25519; else { switch (sshkey_type_from_name(key_type_name)) { case KEY_DSA_CERT: @@ -3748,7 +3742,7 @@ main(int argc, char **argv) } if (key_type_name == NULL) - key_type_name = DEFAULT_KEY_TYPE_NAME; + key_type_name = "ed25519"; type = sshkey_type_from_name(key_type_name); type_bits_valid(type, key_type_name, &bits);
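Review bot: in the ssh-keygen.1 hunk (@@ -185,7 +185,7 @@), the replacement line "+will generate an ed25519 key." drops the capitalisation convention of the line it replaces ("an RSA key") and of the mail body itself ("Ed25519"); "+will generate an Ed25519 key." reads consistently. While touching this paragraph, the man page should also say that the default output filename changes along with the default type, since the ask_filename() hunk below switches it from _PATH_SSH_CLIENT_ID_RSA to _PATH_SSH_CLIENT_ID_ED25519 and a user reading only this sentence would not expect that.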
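Review bot: in the @@ -61,12 -61,6 @@ hunk, deleting DEFAULT_KEY_TYPE_NAME entirely and then spelling out the literal "ed25519" in main() (hunk @@ -3748,7 +3742,7 @@) leaves the default type defined by a bare string in one place and the default filename by an unrelated constant in another, so the two can drift apart on the next edit. Only the WITH_OPENSSL conditional needs to go: keep a single unconditional `# define DEFAULT_KEY_TYPE_NAME "ed25519"` here and leave `key_type_name = DEFAULT_KEY_TYPE_NAME;` in main() untouched, which also shrinks the diff to the one line that actually changes behaviour.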
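Review bot: in the ask_filename() hunk (@@ -252,7 +246,7 @@), the `key_type_name == NULL` branch now yields _PATH_SSH_CLIENT_ID_ED25519, so every invocation that reaches ask_filename() without an explicit -t, not only key generation, will be offered the id_ed25519 path; users whose only existing key is id_rsa will see a different default in the filename prompt than before and may be surprised when an operation on an existing key no longer finds it by default. That is a user-visible behaviour change and should be stated in the commit message and the man page, and the fallback filename should be derived from the same single definition as the default key type so both defaults always agree.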
Thorsten Glaser
2022-Nov-06 21:11 UTC
[patch] ssh-keygen(1): by default generate ed25519 key (instead of rsa)
On Sun, 6 Nov 2022, Job Snijders wrote:

> Perhaps now is a good time to make Ed25519 the default when invoking
> ssh-keygen(1) without arguments?

No.

(Also, the 25519 stuff from DJB is not proper Open Source, and often not welcome, e.g. in the Azure cloud, SSH keys must be RSA.)

bye,
//mirabilos
--
Infrastructure expert • tarent solutions GmbH
Am Dickobskreuz 10, D-53121 Bonn • http://www.tarent.de/
Telephon +49 228 54881-393 • Fax: +49 228 54881-235
HRB AG Bonn 5168 • USt-ID (VAT): DE122264941
Managing directors: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg
Darren Tucker
2022-Nov-06 21:40 UTC
[patch] ssh-keygen(1): by default generate ed25519 key (instead of rsa)
On Mon, 7 Nov 2022 at 00:51, Job Snijders <job at openbsd.org> wrote:
[...]
> Perhaps now is a good time to make Ed25519 the default when invoking
> ssh-keygen(1) without arguments?

I don't think so. Outside of DSA (which is REQUIRED in RFC4253 but is considered weak these days), RSA keys are the most widely supported key type and thus most likely to work in any given situation, which makes them an appropriate default. If you know this is not the case for your environment, that's what "-t" is for.

--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.