Date:      Thu, 7 Sep 2023 17:36:06 GMT
From:      Ed Maste <emaste@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: c9315099f69e - main - ssh-keygen: Generate Ed25519 keys when invoked without arguments
Message-ID:  <202309071736.387Ha6nw082115@gitrepo.freebsd.org>

The branch main has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=c9315099f69ead6796ef48c2ac5435f8f93c0de7

commit c9315099f69ead6796ef48c2ac5435f8f93c0de7
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2023-09-07 16:32:39 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-09-07 17:34:21 +0000

    ssh-keygen: Generate Ed25519 keys when invoked without arguments
    
    Ed25519 keys are convenient because they're much smaller, and the next
    OpenSSH release (9.5) will switch to them by default.  Apply the change
    to FreeBSD main now, to help identify issues as early as possible.
    
    Reviewed by:    kevans, karels, des
    Relnotes:       Yes
    Obtained from:  OpenBSD 9de458a24986
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D41773
---
 crypto/openssh/ssh-keygen.1 |  6 +++---
 crypto/openssh/ssh-keygen.c | 10 +++-------
 2 files changed, 6 insertions(+), 10 deletions(-)

diff --git a/crypto/openssh/ssh-keygen.1 b/crypto/openssh/ssh-keygen.1
index c760f91be14f..c392141ea127 100644
--- a/crypto/openssh/ssh-keygen.1
+++ b/crypto/openssh/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.229 2023/07/23 20:04:45 naddy Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.230 2023/09/04 10:29:58 job Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: July 23 2023 $
+.Dd $Mdocdate: September 4 2023 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -185,7 +185,7 @@ The type of key to be generated is specified with the
 option.
 If invoked without any arguments,
 .Nm
-will generate an RSA key.
+will generate an Ed25519 key.
 .Pp
 .Nm
 is also used to generate groups for use in Diffie-Hellman group
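Review bot: the reworded sentence "will generate an Ed25519 key" documents the new key type but not the new default file. The ask_filename() hunk in ssh-keygen.c in this same commit changes the fallback from _PATH_SSH_CLIENT_ID_RSA to _PATH_SSH_CLIENT_ID_ED25519, so a script that runs ssh-keygen without a key type and then reads the RSA identity path will no longer find a freshly generated key there. Suggest adding a sentence at this point naming the default output file, and carrying the same point into the release note that "Relnotes: Yes" asks for.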
diff --git a/crypto/openssh/ssh-keygen.c b/crypto/openssh/ssh-keygen.c
index 9ccea624cd90..5b945a849202 100644
--- a/crypto/openssh/ssh-keygen.c
+++ b/crypto/openssh/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.470 2023/07/17 04:01:10 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.471 2023/09/04 10:29:58 job Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -67,11 +67,7 @@
 #include "sk-api.h" /* XXX for SSH_SK_USER_PRESENCE_REQD; remove */
 #include "cipher.h"
 
-#ifdef WITH_OPENSSL
-# define DEFAULT_KEY_TYPE_NAME "rsa"
-#else
-# define DEFAULT_KEY_TYPE_NAME "ed25519"
-#endif
+#define DEFAULT_KEY_TYPE_NAME "ed25519"
 
 /*
  * Default number of bits in the RSA, DSA and ECDSA keys.  These value can be
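Review bot: with the #ifdef WITH_OPENSSL block gone, DEFAULT_KEY_TYPE_NAME is "ed25519" in every build, while the comment immediately below it still describes default bit counts for RSA, DSA and ECDSA only. Worth confirming that no code using those bit defaults assumes the default key type is one of the three listed. A one-line comment on the new #define recording that the default is now unconditional would also make later merges from OpenBSD easier to follow.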
@@ -263,7 +259,7 @@ ask_filename(struct passwd *pw, const char *prompt)
 	char *name = NULL;
 
 	if (key_type_name == NULL)
-		name = _PATH_SSH_CLIENT_ID_RSA;
+		name = _PATH_SSH_CLIENT_ID_ED25519;
 	else {
 		switch (sshkey_type_from_name(key_type_name)) {
 		case KEY_DSA_CERT:
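Review bot: the key_type_name == NULL branch hardcodes _PATH_SSH_CLIENT_ID_ED25519 independently of DEFAULT_KEY_TYPE_NAME, so the default key type and the default file name are kept in agreement only by editing both places by hand. The removed lines show how easily they drift: in a build without WITH_OPENSSL the old default type was "ed25519" while this branch still offered the RSA path. Suggest either resolving the NULL case through DEFAULT_KEY_TYPE_NAME and letting the switch below pick the path, or adding a comment here that points at the #define so the two are changed together next time.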


