SSH bastion for DB keys are currently generated with SSH-RSA, which is disabled by default in Openssh 8.8. This feature request is for generating new keys with ED25519.
Hey @joeBumbaca could you do it with library?
async function generateKeyPair() {
await sodium.ready;
var keyPair = sodium.crypto_sign_keypair();
console.log('Public Key: ', sodium.to_hex(keyPair.publicKey));
console.log('Private Key: ', sodium.to_hex(keyPair.privateKey));
}
generateKeyPair();
1 Like
Hey @stefancvrkotic! Thanks for sharing this library! This topic is for the automatically generated keys when setting up an ssh tunnel into a resource. We have an internal ticket tracking this but there wasn't a single Forum post for us to aggregate user friction in this area. The current workaround is to enable legacy crypto options on the bastion host.
1 Like