With the recent change to prefer ed25519 keys on the server side [1] (unless I misunderstood what the change does), I think generating ed25519 keys by default with ssh-keygen makes sense at this point.
Many users prefer the algorithm for its speed, small key size, lack of trust in OpenSSL or RSA, etc. Is there a reason not to do this? I am curious if so, as there's no discussion on this matter that I could find. [1] https://marc.info/?l=openbsd-cvs&m=160169852214927&w=2 Index: ssh-keygen.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.c,v retrieving revision 1.420 diff -u -p -r1.420 ssh-keygen.c --- ssh-keygen.c 9 Sep 2020 03:08:01 -0000 1.420 +++ ssh-keygen.c 8 Oct 2020 08:21:37 -0000 @@ -60,11 +60,7 @@ #include "ssh-pkcs11.h" #endif -#ifdef WITH_OPENSSL -# define DEFAULT_KEY_TYPE_NAME "rsa" -#else -# define DEFAULT_KEY_TYPE_NAME "ed25519" -#endif +#define DEFAULT_KEY_TYPE_NAME "ed25519" /* * Default number of bits in the RSA, DSA and ECDSA keys. These value can be
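Review bot: Replacing the WITH_OPENSSL conditional with an unconditional '#define DEFAULT_KEY_TYPE_NAME "ed25519"' changes the user-visible default for OpenSSL builds from "rsa", yet the diff touches only ssh-keygen.c. Any documentation that states the default key type (the manual page, usage text) should be updated in the same change. The context comment that follows, "Default number of bits in the RSA, DSA and ECDSA keys", will then describe only non-default types, so it is worth confirming that a -b argument given without -t is still handled sensibly once the default type is one with a fixed key size. The commit message should also note that users relying on a bare ssh-keygen to produce an RSA key will now need to pass -t rsa explicitly.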