Jun's Blog

Output, activities, memo and etc.

SSH key best practice

When investigating the current best practice to create a secure SSH key, I found this page.

encryption - What are ssh-keygen best practices? - Information Security Stack Exchange

The page said that the key "ed25519" was introduced at OpenSSH 6.5 at 2014-01-30. So, I think if all the used SSH servers are OpenSSH and the version is >= 6.5, we can use the following command.

$ ssh-keygen -t ed25519 -a 100 -f <file name>

Otherwise we can use the following command.

$ ssh-keygen -t rsa -b 4096 -a 100 -f <file name>