comparing-ssh-keys
[-t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa]
FIDO2-Based SSH Keys (ed25519-sk and ecdsa-sk)
The sk extension stands for security key.
ssh-keygen -t ecdsa-sk
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
Key enrollment failed: invalid format
what is fido2 security key
- https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless#fido2-security-keys
- https://www.yubico.com/authentication-standards/fido2/
recommendation of Generating SSH Key File in Linux
ssh-keygen -t ed25519
## Invalid RSA key length: maximum is 16384 bits
ssh-keygen -t rsa -b 4096
## Invalid ECDSA key length: valid lengths are 256, 384 or 521 bits
ssh-keygen -t ecdsa -b 521
ref
- What is the -sk ending for ssh key types?
- SSH Key type ed25519-sk (and ecdsa-sk)
- Comparing SSH Keys – RSA, DSA, ECDSA, or EdDSA?
- FIDO2-Based SSH Keys (ed25519-sk and ecdsa-sk)
- Does SSH key with type ecdsa-sk or ed25519-sk need passphrase?
- ssh key类型这么多,要如何选择呢?
- GitHub 支援 SSH 使用 Security Key 了
- How to know the SSH key’s length?