SSH keys use strong encryption
What
The strong key size is required to prevent bruteforcing of the private key or at least delay it.
How to fix
To check the strength of a key:
- Open Terminal app and type
ssh-keygen -l -f ~/.ssh/id_rsa
- Replace id_rsa with the name of the key that was reported
- Press enter, the first returned value is key size
To check the strength of a key that you use in GitHub or GitLab:
- visit aremykeyssafe.com,
- enter the username/handle you use on the service to see the report.
Recommended key sizes are as follows:
- For the RSA algorithm at least 2048, recommended 4096
- The DSA algorithm should not be used
- For the ECDSA algorithm it should be 521
- For the ED25519 the key size should be 256 or larger
Sources NIST, SSH Academy.
If you want to create a new strong SSH key, the GitHub docs provide a great starting point.