#ssh
#dev
RSA vs ED25519
TL;DR:
- Use ED25519 (if supported)
- Unless you’re targeting legacy systems, prefer ed25519 — it’s more modern, secure, and faster.
- ED25519: Modern, compact, faster — recommended
- RSA: Widely compatible, older, heavier — use if needed for legacy support
Detailed Comparison
| Feature |
RSA |
ED25519 |
| 🔐 Algorithm Type |
Asymmetric, based on factoring |
Elliptic Curve Cryptography (ECC) |
| 🔒 Security |
Good (4096-bit recommended) |
Stronger at smaller size |
| 📏 Key Size |
2048 / 3072 / 4096 bits |
256 bits (only) |
| 🚀 Speed |
Slower (especially for signing) |
Faster for both signing and verifying |
| ⏳ Age |
Older, well-tested |
Newer (since OpenSSH 6.5, 2014) |
| 🔧 Config Flexibility |
More tunable options |
Simpler (fixed size) |
| 📉 Size (private key) |
Larger |
Smaller |
| 👴 Compatibility |
Universally supported |
Requires OpenSSH ≥ 6.5 |
| 🧱 Quantum Resistance |
Not resistant |
Also not resistant |
When to Use Each
| Use Case |
Recommended Key |
| Working with modern systems (GitHub, GitLab, SSH servers) |
✅ ED25519 |
| Need compatibility with older servers, VPNs, or enterprise systems |
✅ RSA 4096-bit |
How to Generate (Examples)
# ED25519
ssh-keygen -t ed25519 -C "[email protected]"
# RSA (4096-bit)
ssh-keygen -t rsa -b 4096 -C "[email protected]"
Managing multiple SSH keys for both GitHub and Bitbucket, each with personal and work accounts
GitHub identifies SSH keys by the email/username attached to the key, so you need to configure them properly
1. Generate SSH Keys
# GitHub Personal
ssh-keygen -t ed25519 -C "personal-github" -f ~/.ssh/id_ed25519_github_personal
# GitHub Work
ssh-keygen -t ed25519 -C "vgc-github" -f ~/.ssh/id_ed25519_github_vgc
ssh-keygen -t ed25519 -C "td2c-github" -f ~/.ssh/id_ed25519_github_td2c
ssh-keygen -t ed25519 -C "ap-github" -f ~/.ssh/id_ed25519_github_ap
ssh-keygen -t ed25519 -C "rw-bit" -f ~/.ssh/id_ed25519_bit_rw
# Bitbucket Personal
ssh-keygen -t ed25519 -C "personal-bitbucket" -f ~/.ssh/id_ed25519_bitbucket_personal
# Bitbucket Work
ssh-keygen -t ed25519 -C "work-bitbucket" -f ~/.ssh/id_ed25519_bitbucket_work
2. Add Public Keys to Respective Accounts
- Upload these .pub files to:
- GitHub → Settings → SSH & GPG keys
- Bitbucket → Personal Settings → SSH keys
vim ~/.ssh/id_ed25519_bit_rw.pub
# GitHub Personal
Host github-ap
HostName github.com
User git
IdentityFile ~/.ssh/id_ed25519_github_ap
# GitHub Work
Host github-vgc
HostName github.com
User git
IdentityFile ~/.ssh/id_ed25519_github_vgc
# GitHub Work2
Host github-td2c
HostName github.com
User git
IdentityFile ~/.ssh/id_ed25519_github_td2c
# Bitbucket Personal
Host bitbucket-personal
HostName bitbucket.org
User git
IdentityFile ~/.ssh/id_ed25519_bitbucket_personal
# Bitbucket Work3
Host bitbucket-rw
HostName bitbucket.org
User git
IdentityFile ~/.ssh/id_ed25519_bit_rw
Clone Repositories Using Aliases
git clone git@github-personal:username/repo.git
git clone git@github-vgc:org/repo.git
git clone git@github-td2c:org/repo.git
git clone git@bitbucket-personal:username/repo.git
git clone git@bitbucket-rw:org/repo.git
5. Set Per-Repo Identity
git config user.name "Your Work/Personal Name"
git config user.email "[email protected]"