RSA vs ED25519
TL;DR:
- Use ED25519 (if supported)
- Unless youβre targeting legacy systems, prefer ed25519 β itβs more modern, secure, and faster.
- ED25519: Modern, compact, faster β recommended
- RSA: Widely compatible, older, heavier β use if needed for legacy support
Detailed Comparison
| Feature |
RSA |
ED25519 |
| π Algorithm Type |
Asymmetric, based on factoring |
Elliptic Curve Cryptography (ECC) |
| π Security |
Good (4096-bit recommended) |
Stronger at smaller size |
| π Key Size |
2048 / 3072 / 4096 bits |
256 bits (only) |
| π Speed |
Slower (especially for signing) |
Faster for both signing and verifying |
| β³ Age |
Older, well-tested |
Newer (since OpenSSH 6.5, 2014) |
| π§ Config Flexibility |
More tunable options |
Simpler (fixed size) |
| π Size (private key) |
Larger |
Smaller |
| π΄ Compatibility |
Universally supported |
Requires OpenSSH β₯ 6.5 |
| 𧱠Quantum Resistance |
Not resistant |
Also not resistant |
When to Use Each
| Use Case |
Recommended Key |
| Working with modern systems (GitHub, GitLab, SSH servers) |
β
ED25519 |
| Need compatibility with older servers, VPNs, or enterprise systems |
β
RSA 4096-bit |
How to Generate (Examples)
# ED25519
ssh-keygen -t ed25519 -C "[email protected]"
# RSA (4096-bit)
ssh-keygen -t rsa -b 4096 -C "[email protected]"
Managing multiple SSH keys for both GitHub and Bitbucket, each with personal and work accounts
GitHub identifies SSH keys by the email/username attached to the key, so you need to configure them properly
1. Generate SSH Keys
# GitHub Personal
ssh-keygen -t ed25519 -C "personal-github" -f ~/.ssh/id_ed25519_github_personal
# GitHub Work
ssh-keygen -t ed25519 -C "vgc-github" -f ~/.ssh/id_ed25519_github_vgc
ssh-keygen -t ed25519 -C "td2c-github" -f ~/.ssh/id_ed25519_github_td2c
ssh-keygen -t ed25519 -C "ap-github" -f ~/.ssh/id_ed25519_github_ap
ssh-keygen -t ed25519 -C "rw-bit" -f ~/.ssh/id_ed25519_bit_rw
# Bitbucket Personal
ssh-keygen -t ed25519 -C "personal-bitbucket" -f ~/.ssh/id_ed25519_bitbucket_personal
# Bitbucket Work
ssh-keygen -t ed25519 -C "work-bitbucket" -f ~/.ssh/id_ed25519_bitbucket_work
2. Add Public Keys to Respective Accounts
- Upload these .pub files to:
- GitHub β Settings β SSH & GPG keys
- Bitbucket β Personal Settings β SSH keys
vim ~/.ssh/id_ed25519_bit_rw.pub
# GitHub Personal
Host github-ap
HostName github.com
User git
IdentityFile ~/.ssh/id_ed25519_github_ap
# GitHub Work
Host github-vgc
HostName github.com
User git
IdentityFile ~/.ssh/id_ed25519_github_vgc
# GitHub Work2
Host github-td2c
HostName github.com
User git
IdentityFile ~/.ssh/id_ed25519_github_td2c
# Bitbucket Personal
Host bitbucket-personal
HostName bitbucket.org
User git
IdentityFile ~/.ssh/id_ed25519_bitbucket_personal
# Bitbucket Work3
Host bitbucket-rw
HostName bitbucket.org
User git
IdentityFile ~/.ssh/id_ed25519_bit_rw
Clone Repositories Using Aliases
git clone git@github-personal:username/repo.git
git clone git@github-vgc:org/repo.git
git clone git@github-td2c:org/repo.git
git clone git@bitbucket-personal:username/repo.git
git clone git@bitbucket-rw:org/repo.git
5. Set Per-Repo Identity
git config user.name "Your Work/Personal Name"
git config user.email "[email protected]"