Login Start Free trial

SSH keys use strong encryption

What

The strong key size is required to prevent bruteforcing of the private key or at least delay it.

How to fix

To check the strength of a key:

Open Terminal app and type
ssh-keygen -l -f ~/.ssh/id_rsa
Replace id_rsa with the name of the key that was reported
Press enter, the first returned value is key size

To check the strength of a key that you use in GitHub or GitLab:

visit aremykeyssafe.com,
enter the username/handle you use on the service to see the report.

Recommended key sizes are as follows:

For the RSA algorithm at least 2048, recommended 4096
The DSA algorithm should not be used
For the ECDSA algorithm it should be 521
For the ED25519 the key size should be 256 or larger

Sources NIST, SSH Academy.

If you want to create a new strong SSH key, the GitHub docs provide a great starting point.