You need teraterm 4.107 or later. Many of the older commercial versions of SSH (WRQ, SecureCRT) with fancy specialty emulations don’t support it either. Windows and MacOS also don't appear (yet) to support ed25519 in the OS
Your also going to have a LOT of trouble with OpenWRT. For some stupid reason the devs decided to drop the ed25519 in the small_flash builds of dropbear which as OpenWRT continues it's path towards gut-exploding obesity, is increasing being used for more and more devices. Unfortunately, RSA, although requiring very large bit widths to make secure (even though not all older gear supports those bit lengths) appears to be quite entrenched. Ted -----Original Message----- From: PLUG <[email protected]> On Behalf Of Matt Kowalczyk Sent: Tuesday, January 20, 2026 12:40 PM To: [email protected] Subject: Re: [PLUG] Current Best Practices for GPG/SSH keys I use ed25519 Besides all the claims of it being more secure / performant, I like it because it's a shorter key. I did a simple google search and here is gitlabs notes on ssh keys which also recommends ed25519, https://docs.gitlab.com/user/ssh/#ed25519-ssh-keys On 1/20/2026 10:15 AM, Ben Koenig via PLUG wrote: > Hey all, > > This is probably a pretty basic question that I could look up elsewhere, but > in the interest of completeness I thought I'd ask here. > > Does anyone know (or have a link to) the current "best practices" for > creating a GPG or SSH key? I know this kind of thing tends to evolve over > time so I figured the start of 2026 was a good time to ask. > > Specifically, I'm interested in RSA vs other encryption algorithms. I've read > that RSA4096 has been recommended for some time now, but are there benefits > and/or caveats to selecting the other algorithms? Proton Mail recommends > RSA2048 due to performance which makes sense for that use case. Their client > '"end" for e2e is javascript running in a browser so I can see how a bigger > key would slow things down.. > > Thoughts? Suggestions? Rants about the futility of cybersecurity with the > advent of quantum computers? > > -Ben > > p.s. as a side giggle.. the web form used to compose emails for Proton is > flagging "GPG", "RSA", and "javascript" as spelling errors. You'd think that > after 30-ish years the spellcheck dictionaries would have been updated to use > common computer terms. wow. -- Matt Kowalczyk
