Generate SSH Keys with keys with ED25519 algorithm

SSH bastion for DB keys are currently generated with SSH-RSA, which is disabled by default in Openssh 8.8. This feature request is for generating new keys with ED25519.

Hey @joeBumbaca could you do it with library?

async function generateKeyPair() {
  await sodium.ready;
  var keyPair = sodium.crypto_sign_keypair();
  console.log('Public Key: ', sodium.to_hex(keyPair.publicKey));
  console.log('Private Key: ', sodium.to_hex(keyPair.privateKey));

1 Like

Hey @stefancvrkotic! Thanks for sharing this library! This topic is for the automatically generated keys when setting up an ssh tunnel into a resource. We have an internal ticket tracking this but there wasn't a single Forum post for us to aggregate user friction in this area. The current workaround is to enable legacy crypto options on the bastion host.

1 Like