jcoglan
commented
2 years ago Have you checked whether the existing code would work with ed25519 keys, if we removed the filter for ssh-rsa?
Open almereyda opened 2 years ago
jcoglan
commented
2 years ago Have you checked whether the existing code would work with ed25519 keys, if we removed the filter for ssh-rsa?
almereyda
commented
2 years ago Not yet, and not before end of October, since I'm moving houses.
the-13th-letter
commented
4 months ago Have you checked whether the existing code would work with ed25519 keys, if we removed the filter for
ssh-rsa?
It would: ed25519 key signatures are deterministic, like RSA signatures. And does: I've had quite some success running this on a local fork of vault for the last few years.
The use of RSA keys is hard coded.
https://github.com/jcoglan/vault/blob/c23907436d52f1959eac58b9af2f2f6fea4deeda/bin/vault#L51-L60
Nowadays that ed25519 keys are also common, it could be nice to have them available for encryption/decryption, too.