• Björn Tantau@swg-empire.de
      link
      fedilink
      arrow-up
      40
      ·
      1 month ago

      If I had a nickel for every time I had to change my ssh key algorithm I’d have two nickels.

      Which isn’t much but it’s concerning that it happened twice.

    • friend_of_satan@lemmy.world
      link
      fedilink
      English
      arrow-up
      26
      ·
      edit-2
      1 month ago

      A few days ago I was messing with my ubiquiti dream router and its ssh config option said the key should start with ssh-rsa 🙄

      • dan@upvote.au
        link
        fedilink
        arrow-up
        22
        ·
        1 month ago

        It probably accepts other key types and it’s just the UI that’s outdated. I doubt they’re using an SSH implementation other than Dropbear or OpenSSH, and both support ed25519.

    • Scoopta
      link
      fedilink
      arrow-up
      13
      arrow-down
      1
      ·
      1 month ago

      Fact of the matter is RSA is perfectly secure still…and ECDSA/ED25519 should also be extinct given the rising need for post quantum cryptography

        • Scoopta
          link
          fedilink
          arrow-up
          1
          ·
          1 month ago

          Most of the situations I encounter RSA are in projects where I hope RSA is implemented correctly. I have a lot of Let’s Encrypt certs that are still RSA and my main SSH keys are still RSA. All of these were generated quite some time ago. I understand the problem with projects that implement it incorrectly but I’d hope OpenSSH and certbot aren’t those projects 😥

          • computergeek125@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 month ago

            For Certbot, I think it’s even further up the chain - OpenSSL. And if you’re installing it to Apache or Nginx, its probably just OpenSSL again.

    • 🍆 💦@feddit.org
      link
      fedilink
      arrow-up
      3
      ·
      1 month ago

      Azure DevOps only allows you to use RSA keys. This caused a major outage in May (they switched from V1 to V2) :).