SSH keygen best practice for cmder

Bang this into cmder.

ssh-keygen -o -a 100 -t ed25519 -f %CMDER_ROOT%\config\.ssh\id_ed25519

Which will output something like this:

Generating public/private ed25519 key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in S:\PortableApps\cmder\config\.ssh\id_ed25519.
Your public key has been saved in S:\PortableApps\cmder\config\.ssh\id_ed25519.pub.
The key fingerprint is:
SHA256:QyZb4A3XxH45fSFndMWrXvddLm2HpgUUoezLsfjL5zp user@example.com
The key's randomart image is:
+--[ED25519 256]--+
|..oo.   .        |
|.... o . o .     |
| E. o + o = .    |
|   . o O = = .   |
|    o X S = =    |
|     + @ = . .   |
|    o O B o      |
|   . *.o =       |
|    ooo.o        |
+----[SHA256]-----+

You can then download this user-profile.cmd and place it in %CMDER_ROOT%\config\

There are plenty of good reasons why, but I won’t repeat these people’s work. Please read.

Refs:
1. https://security.stackexchange.com/a/144044
2. https://stribika.github.io/2015/01/04/secure-secure-shell.html
3. https://blog.g3rt.nl/upgrade-your-ssh-keys.html

Leave a Reply