`ssh_keygen()` needs to add requirements to RSA keys

[psychelzh]

Currently, ssh_keygen() creates an RSA key with SHA-1, which is not allowed now. See this Github blog.

This might cause error in usethis::use_github_release() (https://github.com/r-lib/usethis/issues/1634).

Error in libgit2::git_remote_fetch : 
  ERROR: You're using an RSA key with SHA-1, which is no longer allowed. Please use a newer client or a different key type.
Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.

[jeroen]

Thanks I am aware. The SHA-1 is not part of the key, but generated by the ssh client. I am aware of the problem, sadly SHA-2 is not available yet in the latest release version of libssh2 (which is what libgit2 uses). Hopefully soon:

• https://github.com/libssh2/libssh2/issues/536
• https://github.com/libssh2/libssh2/pull/736
• https://github.com/libssh2/libssh2/pull/626

Maybe we should switch the default key to ecdsa in the mean while.

[jeroen]

I have changed ssh_keygen to generate ECDSA keys by default. Can you try again?

[psychelzh]

Thanks! It works now! 👍

[jeroen]

FYI I implemented a fix in gert 1.8.0 such that RSA keys work again, so I may revert this change.