<div dir="ltr">My understanding (your mileage may vary).<div>* dsa used to be a goto, but is now considered bad/insecure</div><div>* rsa is still the default in many ssh configs, but is starting to also be considered not secure</div><div>* ed25519 is considered pretty secure, but the impression I've been given is that it is new-ish enough that not all distro's sshes may have it available</div><div>* ecdsa is supposed to be pretty ubiquitous now and is a good comprise between better secure keys and wide-availability in installed openssh systems.</div><div><br></div><div>This is just my impression from seeing various blog posts, tweets and podcast discussions, so others may have better answers/guidance.</div><div><br></div><div>-Shawn</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Feb 16, 2021 at 4:04 PM Bruce Labitt <<a href="mailto:bruce.labitt@myfairpoint.net">bruce.labitt@myfairpoint.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Gitlab is asking for ssh keys now. Is there a recommended type of key <br>
these days?<br>
<br>
man ssh-key gives me the following choices: dsa | ecdsa | ecdsa-sk | <br>
ed25519 | ed25519-sk | rsa<br>
<br>
Which should I choose? Which ones offer the longer/longest key length <br>
(best security?)<br>
<br>
Sorry for the simplistic question, not done this before. Any insight <br>
would be helpful.<br>
<br>
_______________________________________________<br>
gnhlug-discuss mailing list<br>
<a href="mailto:gnhlug-discuss@mail.gnhlug.org" target="_blank">gnhlug-discuss@mail.gnhlug.org</a><br>
<a href="http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/" rel="noreferrer" target="_blank">http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/</a><br>
</blockquote></div>