Hey all, This is probably a pretty basic question that I could look up elsewhere, but in the interest of completeness I thought I'd ask here.
Does anyone know (or have a link to) the current "best practices" for creating a GPG or SSH key? I know this kind of thing tends to evolve over time so I figured the start of 2026 was a good time to ask. Specifically, I'm interested in RSA vs other encryption algorithms. I've read that RSA4096 has been recommended for some time now, but are there benefits and/or caveats to selecting the other algorithms? Proton Mail recommends RSA2048 due to performance which makes sense for that use case. Their client '"end" for e2e is javascript running in a browser so I can see how a bigger key would slow things down.. Thoughts? Suggestions? Rants about the futility of cybersecurity with the advent of quantum computers? -Ben p.s. as a side giggle.. the web form used to compose emails for Proton is flagging "GPG", "RSA", and "javascript" as spelling errors. You'd think that after 30-ish years the spellcheck dictionaries would have been updated to use common computer terms. wow.
