https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=278825
Bug ID: 278825
Summary: ssh-keygen: default type of key is changed to ed25519
with 15-CURRENT but is still rsa with 13-STABLE and
14-STABLE
Product: Base System
Version: Unspecified
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: bin
Assignee: b...@freebsd.org
Reporter: y...@freebsd.org
CC: ema...@freebsd.org
There are following sentences in the commit messages of base edf8578117e8.
--
* ssh-keygen(1): generate Ed25519 keys by default.
[NOTE: This change was already merged into FreeBSD.]
--
The commit is merged to stable/13 as base 221a6bc397ad and to stable/14 as base
b24ca3caa752. So the default should be ed25519 with all of latest these
branches. And I checked it.
On latest 15-CURRENT ssh-keygen tries to create ed25519 key pair as is
expected.
--
yasu@rolling-vm-freebsd1[1014]% uname -v
FreeBSD 15.0-CURRENT #0 main-n269883-12117d0e9314: Sat May 4 00:49:39 JST 2024
ro...@rolling-vm-freebsd1.home.utahime.org:/usr/obj/usr/src/amd64.amd64/sys/GENERIC
yasu@rolling-vm-freebsd1[1014]% ssh-keygen
Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/yasu/.ssh/id_ed25519): ^C
yasu@rolling-vm-freebsd1[1015]%
--
On latest 13-STABLE and 14-STABLE, however, it tries to create rsa key pair.
--
yasu@rolling-vm-freebsd4[1002]% uname -v
FreeBSD 13.3-STABLE stable/13-n257830-825cb4c850f2 GENERIC
yasu@rolling-vm-freebsd4[1003]% ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/yasu/.ssh/id_rsa): ^C
yasu@rolling-vm-freebsd4[1004]%
--
--
yasu@rolling-vm-freebsd5[1002]% uname -v
FreeBSD 14.1-PRERELEASE #0 stable/14-n267586-19e335596658: Thu May 2 20:41:56
UTC 2024
r...@releng1.nyi.freebsd.org:/usr/obj/usr/src/amd64.amd64/sys/GENERIC
yasu@rolling-vm-freebsd5[1003]% ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/yasu/.ssh/id_rsa): ^C
yasu@rolling-vm-freebsd5[1004]%
--
I checked commit log of main branch and found following change is committed
before base edf8578117e8.
--
commit c9315099f69e
Author: Ed Maste
AuthorDate: Thu Sep 7 12:32:39 2023 -0400
Commit: Ed Maste
CommitDate: Thu Sep 7 13:34:21 2023 -0400
ssh-keygen: Generate Ed25519 keys when invoked without arguments
Ed25519 keys are convenient because they're much smaller, and the next
OpenSSH release (9.5) will switch to them by default. Apply the change
to FreeBSD main now, to help identify issues as early as possible.
Reviewed by:kevans, karels, des
Relnotes: Yes
Obtained from: OpenBSD 9de458a24986
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41773
--
But there isn't corresponding commit in either stable/13 or stable/14. So it
seems default type of key is still rsa with 13-STABLE and 14-STABLE because
above commit is forgotten to be merged to them.
Cc-ing committer of base c9315099f69e.
--
You are receiving this mail because:
You are the assignee for the bug.