Migrate existing private keys to new OpenSSH format #42
Comments
dolmen
changed the title
|
@dolmen Awesome work, brother! (Sorry if this is a bit off topic) I saw this issue and was thinking of maybe putting together a pull request in the near future; so I was doing a bit of homework. Main Reference I've tested it and am able to confirm that Also, it's worth noting that |
|
I've not yet switched to ed25519 because I have for a long time wanted to keep github-keygen working with the old OpenSSH version bundled with msysgit. I should now check the version of OpenSSH bundled with git-for-Windows. |
|
Another reference about migration to Ed25519: https://medium.com/risan/upgrade-your-ssh-key-to-ed25519-c6e8d60d3c54 |
Because the PEM format is insecure. https://latacora.singles/2018/08/03/the-default-openssh.html
So detect if private keys use the old format and migrate them (use
ssh-keygen -o).Related: #41, #7
See also this old blog post (pre -o option): http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html
Also: https://blog.g3rt.nl/upgrade-your-ssh-keys.html
The text was updated successfully, but these errors were encountered: