No more passwords

April 18, 2020

Okay, today let's see together why SSH & ED-25519 can simplify your life.

SSH keys

To authenticate to a service you can use a username and a password, but you can as well use a pair of keys: SSH keys.

It is really simple, you generate 2 keys. One public that you can share. One private that is a secret. You can generate different types of keys and you probably know the RSA type. Let's give it a shot:

Open a terminal and generate a key, with RSA type, a minimal recommended length of 2048 bits, and a Comment.

Read the next part before generating your keys...

ssh-keygen -t rsa -b 2048 -C "my@email.test"

You can decide the destination folder and if you want a passphrase. On a Unix system, it should be generated here: ~/.ssh/.

Use state-of-art keys

Shorter, and more secure than RSA, Rivest–Shamir–Adleman? Impossible? Hold my beer, here comes ED-25519. Another type of keys but with a smaller public key! (And more secure, see links below.)

ssh-keygen -t ed25519 -C ""

More infos here:

Short example of public keys (The one you share and usually copy-paste):

# ED25519 🔑
ssh-ed25519 AAAAC3NzaC1lZNYMPE5AAAAILeqT4uN/abIL8P6+oAIZGGg
BXT6o/pJRI1joLlLBCgl my@e.mail

# RSA 🗝
Ya3bxhdKbmsAQ== my@e.mail

Shorter & more secure, use ED-25519!

Eddy, 25 years old and he has five 19' years old brothers.


Github & Cie

No more passwords to authenticate to Github (and every git-cloud) when you push your code. Go to your profile on the github website:

Personal Settings > SSH keys > New SSH keys.

Give a name to your key and copy-paste the content of your private rsa ed25519 keys (in ~/.ssh/id_ed25519).

From now on, when you will push something to Github, it will recognize who you are based on the keys you have in your ~/.ssh.


Same process with servers, instead of using a password to connect to them, add your SSH public key to the authorized_keys file in ~/.ssh of the server.