I want to create an SSH key using current best practices.
Procedure

```
$ ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -C `printf '%s@%s' $(whoami) $(hostname)`

Generating public/private ed25519 key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/jswank/.ssh/id_ed25519
Your public key has been saved in /Users/jswank/.ssh/id_ed25519.pub
The key fingerprint is:
SHA256:JrPsmu05+TTtV2VtL5UqbDRbq7CTFc4wQKzPJjdlTaM jswank@as-mac.local
The key's randomart image is:
+--[ED25519 256]--+
| o. |
| o o |
| . . + . o|
| . E = . .*|
| = S B = o=.|
| o @ o O oo .|
| *.+ B o. . |
| +oo * .. |
| oo=o. o. |
+----[SHA256]-----+
```
Comments
- Use the right algorithm; the procedure above generates an Ed25519 key.
- Use a passphrase.
- If possible, create a unique key for each client.
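
To check keys that already exist against the first two comments, the following added example (not part of the original page) reports each private key's algorithm and whether a passphrase is set. It assumes OpenSSH `ssh-keygen` is on the PATH and that each public key sits beside its private key as `<key>.pub`; the function names and the script name `audit-keys.sh` are this example's own.

```shell
#!/bin/sh
# Added example, not from the original page: check existing keys against the
# comments above (Ed25519 algorithm, passphrase set). Assumes OpenSSH
# ssh-keygen on PATH and each public key stored beside its private key as
# <key>.pub. Function names are this example's own.

# Print the key type in lowercase ("ed25519", "rsa", ...).
# `ssh-keygen -l` ends its output line with the type in parentheses.
key_type() {
    ssh-keygen -l -f "$1" 2>/dev/null |
        sed -n 's/.*(\([A-Z0-9-]*\))$/\1/p' | tr 'A-Z' 'a-z'
}

# Succeed if the private key is passphrase-protected.
# Deriving the public key with an empty passphrase (-P '') works only on an
# unencrypted key, and -P stops ssh-keygen from prompting.
has_passphrase() {
    ! ssh-keygen -y -P '' -f "$1" </dev/null >/dev/null 2>&1
}

# Report on one private key: 0 = OK, 1 = finding, 2 = could not be checked.
audit_key() {
    priv=$1
    if [ ! -r "$priv" ] || [ ! -r "$priv.pub" ]; then
        echo "SKIP $priv: private key or $priv.pub not readable"
        return 2
    fi
    type=$(key_type "$priv.pub")
    status=0
    if [ "$type" != "ed25519" ]; then
        echo "WARN $priv: key type is ${type:-unknown}, not ed25519"
        status=1
    fi
    if ! has_passphrase "$priv"; then
        echo "WARN $priv: no passphrase set"
        status=1
    fi
    if [ "$status" -eq 0 ]; then echo "OK   $priv"; fi
    return "$status"
}

# Usage: sh audit-keys.sh ~/.ssh/id_ed25519 [more private keys ...]
for key in "$@"; do
    audit_key "$key" || true
done
```
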
References
- Brandon Checketts Best Practices.