upstream: Generate Ed25519 keys when invoked without arguments
Ed25519 public keys are very convenient due to their small size. OpenSSH has supported Ed25519 since version 6.5 (January 2014). OK djm@ markus@ sthen@ deraadt@ OpenBSD-Commit-ID: f498beaad19c8cdcc357381a60df4a9c69858b3f
parent
694150ad92
commit
e1c284d60a
|
@ -1,4 +1,4 @@
|
||||||
.\" $OpenBSD: ssh-keygen.1,v 1.229 2023/07/23 20:04:45 naddy Exp $
|
.\" $OpenBSD: ssh-keygen.1,v 1.230 2023/09/04 10:29:58 job Exp $
|
||||||
.\"
|
.\"
|
||||||
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
|
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
|
@ -35,7 +35,7 @@
|
||||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.Dd $Mdocdate: July 23 2023 $
|
.Dd $Mdocdate: September 4 2023 $
|
||||||
.Dt SSH-KEYGEN 1
|
.Dt SSH-KEYGEN 1
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
|
@ -185,7 +185,7 @@ The type of key to be generated is specified with the
|
||||||
option.
|
option.
|
||||||
If invoked without any arguments,
|
If invoked without any arguments,
|
||||||
.Nm
|
.Nm
|
||||||
will generate an RSA key.
|
will generate an Ed25519 key.
|
||||||
.Pp
|
.Pp
|
||||||
.Nm
|
.Nm
|
||||||
is also used to generate groups for use in Diffie-Hellman group
|
is also used to generate groups for use in Diffie-Hellman group
|
||||||
|
|
10
ssh-keygen.c
10
ssh-keygen.c
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: ssh-keygen.c,v 1.470 2023/07/17 04:01:10 djm Exp $ */
|
/* $OpenBSD: ssh-keygen.c,v 1.471 2023/09/04 10:29:58 job Exp $ */
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
|
@ -67,11 +67,7 @@
|
||||||
#include "sk-api.h" /* XXX for SSH_SK_USER_PRESENCE_REQD; remove */
|
#include "sk-api.h" /* XXX for SSH_SK_USER_PRESENCE_REQD; remove */
|
||||||
#include "cipher.h"
|
#include "cipher.h"
|
||||||
|
|
||||||
#ifdef WITH_OPENSSL
|
#define DEFAULT_KEY_TYPE_NAME "ed25519"
|
||||||
# define DEFAULT_KEY_TYPE_NAME "rsa"
|
|
||||||
#else
|
|
||||||
# define DEFAULT_KEY_TYPE_NAME "ed25519"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Default number of bits in the RSA, DSA and ECDSA keys. These value can be
|
* Default number of bits in the RSA, DSA and ECDSA keys. These value can be
|
||||||
|
@ -263,7 +259,7 @@ ask_filename(struct passwd *pw, const char *prompt)
|
||||||
char *name = NULL;
|
char *name = NULL;
|
||||||
|
|
||||||
if (key_type_name == NULL)
|
if (key_type_name == NULL)
|
||||||
name = _PATH_SSH_CLIENT_ID_RSA;
|
name = _PATH_SSH_CLIENT_ID_ED25519;
|
||||||
else {
|
else {
|
||||||
switch (sshkey_type_from_name(key_type_name)) {
|
switch (sshkey_type_from_name(key_type_name)) {
|
||||||
case KEY_DSA_CERT:
|
case KEY_DSA_CERT:
|
||||||
|
|
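Review bot: The default key type is now encoded in two separate places with nothing tying them together: the `DEFAULT_KEY_TYPE_NAME` define near the includes, and the hard-coded `_PATH_SSH_CLIENT_ID_ED25519` in the `key_type_name == NULL` branch of ask_filename(). If only one of them is changed later, the key would presumably be generated as one type but offered under another type's default filename, so the branch should carry a comment such as `/* keep in sync with DEFAULT_KEY_TYPE_NAME */`. Now that the `WITH_OPENSSL` conditional is gone, the define also deserves a one-line comment saying the default no longer depends on the build configuration. Unattended provisioning that runs ssh-keygen without `-t` and then reads the RSA default path will likely need updating, which is worth a release-note line. ask_filename()'s body continues outside the hunk.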