As old as my SSH keys are and as big a fan as I am of taking security advice from blog posts, could anyone working in security/crypto weigh in on the author’s choice of key generation settings?
Ed25519 is probably your safest bet, compatibility permitting.
The -a 100 rounds is probably overkill. That’s just a tradeoff with how annoyed you want to be, and how fast your computer is, so maybe you can live with it, but I think the default is fine. The attack scenario is somebody steals your ssh keys. The password only needs to hold until you have a chance to rotate keys, not until the end of time. So you can do some modelling about how long that is based on who you think is out to get your keys and how many computers they have.
It does add a lag, I agree, but in practical terms on my 2013 laptop this is ~1 second, and with ssh-agent only happens when you login and run the agent, which for a lot of people (I assume) would be once daily.
I’d say it’s worthwhile.
Whatever floats your boat. :) You’re not wrong, but I’ll just throw in a note that going from 16 to 100 rounds increases security by a factor of 6. Adding one random letter to your password increases security by a factor of 26 and it takes me much less time to type that letter than the extra 84 rounds of hashing. Of course, if you’re already at peak password and unable to memorize one more letter, that’s not an option.
Thank you for educating me. :-)
Gnome users should be aware that the keyring can’t handle ed25519 keys at the moment.
Pretty disappointing. ECDSA keys have been around for more than six years now.
…and it still does not handle GPG smartcards correctly among other problems. I really like much of the gnome-desktop, but It’s quite sobering that I still need to search for the new way to get rid of the keyring, or at least its ssh-agent and gpg-agent functionalities, with every other release of the gnome desktop.
[Comment removed by author]
Elliptic curve keys will be faster.