Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SSH Keys 加密算法 ed25519 和 rsa 的比较及生成教程 #17

Open
nkypy opened this issue Sep 6, 2016 · 5 comments
Open

SSH Keys 加密算法 ed25519 和 rsa 的比较及生成教程 #17

nkypy opened this issue Sep 6, 2016 · 5 comments
Labels

Comments

@nkypy
Copy link
Owner

nkypy commented Sep 6, 2016

首先介绍一下


ed25519加密解密很快,生成时间短而且安全性更高,rsa则加密解密稍慢,生成时间长,安全性没有ed25519高,只是rsa基本都是默认,所以用的人更多,但是建议转换为ed25519,网站软件现在基本都支持了.

生成教程


ssh-keygen -t ed25519 -C "XXX" (XXX为标记,随便起个名称)
(回车,返回结果)
Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/xxx/.ssh/id_ed25519): (文件保存位置,一般默认就好)
(回车,返回结果)
Enter passphrase (empty for no passphrase): (密码,如果想使用时不输密码,留空即可)
(回车,返回结果)
Enter same passphrase again: (再次确认密码,留空的还是直接回车)
(回车,返回结果)
Your identification has been saved in /home/xxx/.ssh/id_ed25519.
Your public key has been saved in /home/xxx/.ssh/id_ed25519.pub.
The key fingerprint is:
SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx XXX(这几位是最上面填写的名称,在在公钥最后显示)
The key's randomart image is:(返回的随即生成图形)
+--[ED25519 256]--+
|                 |
|                 |
|                 |
|                 |
| xxxxxxxxxxxxxxx |
|ooooooooooooo    |
|                 |
|                 |
|                 |
+----[SHA256]-----+

这样ed25519算法的密钥就生成完毕了, id_ed25519.pub是公钥,粘贴到github之类的网站即可,id_ed25519是私钥,一定要保存好,且不能随便给他人,祝您使用愉快.

@nkypy nkypy added the Crypto label Sep 6, 2016
@nkypy nkypy changed the title SSH Keys加密算法ed25519和rsa比较及教程 SSH Keys 加密算法 ed25519 和 rsa 的比较及生成教程 Sep 6, 2016
@nkypy
Copy link
Owner Author

nkypy commented Sep 7, 2016

近期再给大家说说gnupg的生成与使用

@unstartdev
Copy link

ed25519和ecdsa相比如何?

@nkypy
Copy link
Owner Author

nkypy commented Nov 30, 2017

@unstartdev Ed25519 比 ECDSA 更加安全,性能更好,推荐使用 Ed25519。

@cronfox
Copy link

cronfox commented Jan 23, 2022

怎么说呢
3072的RSA的安全性=256的ECC(包括ECDSA和25519(EdDSA))
25519相对于传统NIST P-256曲线的ECDSA效率与速度更快且为确定性签名。
同时也有些人担心这NIST曲线有些奇怪的问题(

@cronfox
Copy link

cronfox commented Jan 23, 2022

ed25519和ecdsa相比如何?

从ssh上来看,25519公钥更短

ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBHFf0oKoK15FvJkKjCdCSJWJvsx9tayFnlg0X/s19n9teNI8eJEmaSf3OWeJLLvkZgC6CACOw+mGlRyJe4Cm9g= ecdsa-key-20220123

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGjCykN6EFqhTJFMT/jTeV6SkbdOSPImAh1PgJkzkRih ed25519-key-20220123

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants