HOME
art gallery Linkedin GitHub Donations Our Recommendations
Login
Hashcat Cold Storage Premium
Info
Vuln Fact Check Server Managment Links
SSH
Auth.log Debug DNS key share Cheatpapper
Encryption
fido2 Twofish serpent .ssh/config cipher set sshd set cipher
Firewall
IP block list Fail2ban fail2ban Config SELinux
Tools
Mpiexec Rsync Mosh Glances SSHFS Tmate autossh XQuartz
VPN
SSH Tunneling Cloudflare Onion Network/Tor sshuttle SSH Proxy Reverse Tunnel SSH Tunnel ssh socksv5 proxy
Keys
CA Info Generate Ed25519 key Certificates keys CA & Host auth Backup Key OTP Hardware key SCP Trezor Ledger Nano X
Tweaks
DNS BASH Zsh ssh client env sshd env config X11
Configfiles
sshd, Single Node. sshd, Firewall Single Node. sshd, Cloud Firewall Single Node. sshd, Firewall X11. Win 11 OpenSSH Server

ed25519

You can generate a strong Ed25519 key using the ssh-keygen utility on Linux Unix or macOS:

  1. Open a terminal or command prompt on your computer.
  2. Type the following command to generate a new Ed25519 key pair:
    3. ssh-keygen -t ed25519 -o -a 100
  3. This will generate a new Ed25519 key pair with a high number of KDF (key derivation function) rounds to increase security. The -o option enables the new private key file format, which uses a stronger encryption algorithm than the older PEM format.
  4. You will be prompted to choose a filename and location to save the new key pair. You can choose a location and filename that make sense for your needs, or accept the default (~/.ssh/id_ed25519).
  5. You will also be prompted to enter a passphrase to protect the private key. While this is not strictly necessary, it can provide an extra layer of security in case the key file is ever compromised.
  6. After you have generated the key pair, you can copy the public key to the remote servers you want to authenticate with by using the ssh-copy-id command. For example:
    7. ssh-copy-id -i ~/.ssh/id_ed25519.pub user@remote-host
  7. This will copy the public key to the authorized_keys file on the remote server, allowing you to authenticate using the private key.