How to move away from RSA for SSH keys
RSA is one of the most widely deployed encryption algorithms in the world. Notably, when you generate an SSH key without any extra flags, ssh-keygen will default to using RSA:
root@hiro:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
For a while cryptographers have feared that RSA is vulnerable to a quantum computing algorithm known as Shor's Algorithm. I won't pretend to understand it in this article, but the main reason why it's not deployed is that the hardware required to attack RSA keys in the wild literally doesn't exist yet (think literally tens of generations more advanced than current quantum computers).
A group of researchers have just published a paper that posits that it's likely you can break 2048-bit RSA (the most widely deployed keysize) with a quantum computer that only uses 372 qubits of computational power. The IBM Osprey has 433 qubits.
It may be a good time to move away from RSA keys when and where you can. Today I'm going to cover how to make SSH keys using ed25519 keys instead of RSA.
Generating new keys
To generate a new keypair, use the ssh-keygen command:
ssh-keygen -t ed25519
Make sure to set a password on that key and then you can add it to your SSH agent with ssh-add. Copy the public key to your clipboard (print it to the screen with cat ~/.ssh/id_ed25519.pub) and then you can add it to GitHub or other services you use.
~/.ssh/known_hosts file. You could use a command like this:
cat ~/.ssh/known_hosts | cut -d' ' -f1 | sort | uniq
~/.ssh/authorized_keys!
Disabling RSA host keys
The OpenSSH server will create a keypair for each machine it runs on. By default this creates an RSA key as well as an ed25519 key. You can disable this by adding the following line to /etc/ssh/sshd_config:
HostKey /etc/ssh/ssh_host_ed25519_key
ed25519 in it.
If your SSH configuration file has a Ciphers, HostKeyAlgorithms, PubkeyAcceptedAlgorithms, or CASignatureAlgorithms setting in it, you may want to make sure that any rsa cipher or algorithm isn't present in any of them. If your distro has an option to change this system wide (such as in Red Hat and derivatives), you may want to use that.
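One way to check a server configuration for the RSA leftovers described above, as an added example that is not part of the original article. The function name audit_sshd_rsa, its "line:keyword:value" output format, and the sample config are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the article: list RSA leftovers in sshd_config-style text.

# Constructed sample config (not taken from a real host).
sample_config() {
cat <<'EOF'
# constructed sample
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
hostkeyalgorithms ssh-ed25519,rsa-sha2-512
PubkeyAcceptedAlgorithms -ssh-rsa
CASignatureAlgorithms +ssh-rsa,ssh-ed25519
EOF
}

# audit_sshd_rsa FILE -> prints "line:keyword:value" for each RSA leftover.
audit_sshd_rsa() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
    {
        key = tolower($1)                   # sshd keywords are case-insensitive
        if (key == "hostkey") {
            hostkey_seen = 1
            if ($2 !~ /ed25519/) print NR ":" key ":" $2
            next
        }
        if (key != "ciphers" && key != "hostkeyalgorithms" &&
            key != "pubkeyacceptedalgorithms" && key != "casignaturealgorithms")
            next
        list = $2
        if (substr(list, 1, 1) == "-") next # a leading "-" removes the listed algorithms
        sub(/^[+^]/, "", list)              # "+" appends to defaults, "^" prepends
        n = split(list, alg, ",")
        for (i = 1; i <= n; i++)
            if (tolower(alg[i]) ~ /rsa/) print NR ":" key ":" alg[i]
    }
    END {
        # Without any HostKey line sshd loads its default set, RSA included.
        if (!hostkey_seen) print "0:hostkey:(none set)"
    }' "$1"
}
```

This only inspects the lines written in the file. To audit the effective settings, including defaults, save the output of `sshd -T` to a file and run the function on that instead.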
If you want to do this on NixOS, add the following configuration to either your configuration.nix or something that is imported by your configuration.nix:
services.openssh.hostKeys = [{
  path = "/etc/ssh/ssh_host_ed25519_key";
  type = "ed25519";
}];
I hope this helps! Systems administration is full of annoying migrations and compromises like this. Good luck out there!