From f85953c06051170bb89d21e5c1d7c7b5efaaf19b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jes=C3=BAs?= Date: Thu, 15 Apr 2021 18:31:08 -0500 Subject: [ssh] update to ed25519 --- ssh/README.md | 36 +++++++++++++++++++++--------------- 1 file changed, 21 insertions(+), 15 deletions(-) diff --git a/ssh/README.md b/ssh/README.md index 3901a77..c2998d6 100644 --- a/ssh/README.md +++ b/ssh/README.md @@ -2,23 +2,23 @@ ### Generate SSH key pair -#### Medium security - - ssh-keygen -b 4096 - -#### High security - - ssh-keygen -b 16384 +```console +$ ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com" +``` #### Change private key permissions - chmod 600 ~/.ssh/id_rsa +```console +$ chmod 600 ~/.ssh/id_ed25519 +``` ### Client usage To connect to a server, run: - ssh -p port user@server-address +``` +$ ssh -p port user@server-address +``` `port` for default is `22` @@ -31,9 +31,9 @@ To connect to a server, run: The client can be configured to store common options and hosts. All options can be declared globally or restricted to specific hosts. For example: -``` -~/.ssh/config - +```bash +nano -w ~/.ssh/config +------------------------------- # host-specific options Host myserver HostName ssh.heckyel.ga @@ -45,9 +45,13 @@ Host myserver With such a configuration, the following commands are equivalent -`ssh -p port user@server-address` +```console +$ ssh -p port user@server-address +``` -`ssh myserver` +```console +$ ssh myserver +``` ### Server usage @@ -73,4 +77,6 @@ For additional protection, you can prevent users from adding new public keys and In the server, make the authorized_keys file read-only for the user and deny all other permissions: - chmod 400 ~/.ssh/authorized_keys +```console +$ chmod 400 ~/.ssh/authorized_keys +``` -- cgit v1.2.3
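Review bot: the new `ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com"` line in the first hunk (`@@ -2,23 +2,23 @@`) is added without any explanation of its flags, whereas the removed text at least labelled its commands as medium or high security. `-o` is redundant here because Ed25519 keys are always written in the new OpenSSH private-key format, so it can be dropped. Add one sentence saying that `-a 100` sets the number of KDF rounds protecting the private key, which only has an effect when a passphrase is set. Minor style point in the same hunk: the fence around `$ ssh -p port user@server-address` is untagged while every other command block added by this patch uses `console`.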
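Review bot: in the second hunk (`@@ -31,9 +31,9 @@`) the fence is now tagged `bash`, but its body is ssh_config content, and the file path has been replaced by `nano -w ~/.ssh/config` followed by a dashed rule inside the fence. A reader who copies the block gets an editor command and a separator line mixed into the `Host myserver` configuration, and neither is valid in that file. Suggest keeping the path as prose above the fence, or as a `# ~/.ssh/config` comment on the first line, and not tagging the block as shell.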
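Review bot: in the last hunk (`@@ -73,4 +77,6 @@`) `$ chmod 400 ~/.ssh/authorized_keys` is still presented as the way to prevent users from adding new public keys, but the file's owner can restore write permission with another `chmod`, and the hunk shows no step after this command. Since the line is being touched anyway, suggest stating that limit in the README, or adding a step performed by root, such as setting the immutable attribute on the file, so the restriction cannot be undone by the account it is meant to constrain.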