I use ed25519.
Besides all the claims of it being more secure / performant, I like it
because it's a shorter key. I did a simple Google search and here are
GitLab's notes on SSH keys, which also recommend ed25519:
https://docs.gitlab.com/user/ssh/#ed25519-ssh-keys
On 1/20/2026 10:15 AM, Ben Koenig via PLUG wrote:
Hey all,
This is probably a pretty basic question that I could look up elsewhere, but in
the interest of completeness I thought I'd ask here.
Does anyone know (or have a link to) the current "best practices" for creating
a GPG or SSH key? I know this kind of thing tends to evolve over time so I figured the
start of 2026 was a good time to ask.
Specifically, I'm interested in RSA vs other encryption algorithms. I've read that
RSA4096 has been recommended for some time now, but are there benefits and/or caveats to
selecting the other algorithms? Proton Mail recommends RSA2048 due to performance which
makes sense for that use case. Their client "end" for e2e is JavaScript
running in a browser so I can see how a bigger key would slow things down...
Thoughts? Suggestions? Rants about the futility of cybersecurity with the
advent of quantum computers?
-Ben
p.s. as a side giggle... the web form used to compose emails for Proton is flagging "GPG",
"RSA", and "javascript" as spelling errors. You'd think that after 30-ish years the
spellcheck dictionaries would have been updated to use common computer terms. wow.
--
Matt Kowalczyk