SSH key with Ed25519

updated June 30, 2023

Ed25519 uses elliptic curve cryptography with good security and performance. When a whole team uses Ed25519, a server's ~/.ssh/authorized_keys file looks nice:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAePksB5aPc6sww+RMzJwpVuDhRAgzOKP1Q/o3suIbw [email protected]
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEB/O/VwAvqWIV/EN9aHjHAg/9JYsX/Ce2yvr5wPI3gZ [email protected]
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAYG1rgF4YSSBwtinbhFLR/Qeah11jYcQpf6lX4yql60 [email protected]

Create the key:

ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -C "$(whoami)@$(hostname)"

Start the SSH agent:

eval "$(ssh-agent -s)"

Update ~/.ssh/config:

Host *
  AddKeysToAgent yes
  UseKeychain yes
  IdentityFile ~/.ssh/id_ed25519

Host github.com
  Hostname ssh.github.com
  Port 443

Add the private key to the SSH agent on macOS:

ssh-add --apple-use-keychain ~/.ssh/id_ed25519

Copy the public key to macOS clipboard:

cat ~/.ssh/id_ed25519.pub | pbcopy

Upload the public key to GitHub.