OpenSSH’s ssh-keygen
command just got a great upgrade.
In today’s episode, I cover how Ed25519 keys are now the default, and how it probably doesn’t impact your workflow. I’ll briefly cover how the whole thing works, in an under 10 minute video. As per the custom in these parts, there’s a few vintage computing goodies peppered throughout the episode.
🫶 Support (how this channel makes money) 🫶
This episode of Veronica Explains isn’t sponsored by anyone other than you. Your support makes this show possible, and I appreciate your consideration. Supporters at the $2/mo level get a weekly newsletter from me.
https://patreon.com/VeronicaExplains https://ko-fi.com/VeronicaExplains
You can also buy nerdy shirts from my web store (it’s not sponsorship, I literally host and maintain the web store myself, and my family designs the merch): https://vkc.sh/merch.
🤩 What I’m Watching! 🤩
Macintosh Librarian put out a great video about a Power Computing Macintosh clone recently that really caught my eye. I find the history of Apple, and Apple-adjacent technology fascinating, and if that’s something you’re into as well, Macintosh Librarian is worth your attention.
Her recent video: https://www.youtube.com/watch?v=FK-BkdnEF-8 Her channel (which you should subscribe to): https://youtube.com/MacintoshLibrarian
🖥️ Commands used during the making of this video 🖥️
ssh-keygen
by itself: creates a default key in the default location (usually the .ssh folder inside the home directory).
With options, it gets more features. The -t
option specifies the key type:
– ssh-keygen -t rsa
generates an rsa key
– ssh-keygen -t ed25519
generates an ed25519 key
You’ll see me combine this with the -f
option to specify the output file(s). So ssh-keygen -f .ssh/testkeylmde -t ed25519
would create a key pair in the .ssh folder with the filename “testkeylmde” (and “testkeylmde.pub” for the public file).
You can then use ssh-copy-id
to transfer and set up the public keyfile on a server, so that your private key will work with it:
ssh-copy-id -i [path-to-public-key] [user][at][server]
As I mentioned a few times, I have a more thorough OpenSSH video: https://www.youtube.com/watch?v=3FKsdbjzBcc
And for further reading about cryptography in general, here’s some Wikipedia I referenced in the video:
- RSA: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
- Curve25519 (where ed25519 gets its mathy bits from): https://en.wikipedia.org/wiki/Curve25519
- The Twisted Edwards curve: https://en.wikipedia.org/wiki/Twisted_Edwards_curve
- EdDSA (the section on Ed25519): https://en.wikipedia.org/wiki/EdDSA#Ed25519
📖 Chapters 📖 0:00 News about OpenSSH! 1:48 The basics of OpenSSH and ssh-keygen 4:27 How does this change impact you? 7:34 Now’s a good time to prune your keys 9:04 What I’m Watching: Macintosh Librarian