Replaced RSA keys with elliptical curve ed25519 key and subkey

shombando · Jan 19, 2024 · 940628d · 940628d
1 parent dee8bed
commit 940628d
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 4 deletions.
diff --git a/keyoxidizer.sh b/keyoxidizer.sh
@@ -8,9 +8,10 @@ generateConfig()
 {
 cat > ./keyoxidizer.config<<EOF
 #%dry-run
-Key-Type: RSA
-Key-Length: 3072
-Subkey-Type: RSA
+Key-Type: EDDSA
+Key-Curve: ed25519
+Subkey-Type: ECDH
+Subkey-Curve: cv25519
 Name-Real: $keyoxidizer_name
 Name-Email: $keyoxidizer_email
 Name-Comment: $keyoxidizer_comment

diff --git a/readme.org b/readme.org
@@ -5,7 +5,7 @@ This is a simple utility designed to make working with [[https://keyoxide.org][K
 This is an unofficial helper around Keyoxide but it does not (and may never) support all Keyoxide features. The goal is to lower the barrier to entry so this will remain a single file utility and have no external dependencies aside from ~bash~ and ~gpg~.
 
 * Security and Privacy
-The author is not an authority on security or privacy, please use at your own risk. The current default option will generate a 3072-bit RSA key with a single sub-key. If you want to generate multiple sub-keys or change other security options, please generate key outside of this script and use this script. If you want to hash your proofs then please consult [[https://blog.keyoxide.org/hashing-identity-proofs/][this Keyoxide blog post]]. Please take a look at [[https://github.com/shombando/keyoxidizer/issues/7][the discussion here]] for further information and feedback from the community.
+The author is not an authority on security or privacy, please use at your own risk. The current default option will generate a key with a single sub-key both using ed25519 curve, I believe this to be the best option for general usage at this point (2024). However, if you want to generate multiple sub-keys or change other security options, please generate key outside of this script and use this script. If you want to hash your proofs then please consult [[https://blog.keyoxide.org/hashing-identity-proofs/][this Keyoxide blog post]]. Please take a look at [[https://github.com/shombando/keyoxidizer/issues/7][the discussion here]] for further information and feedback from the community.
 
 * Usage
 ** Option 1

diff --git a/setRemotes.sh b/setRemotes.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/sh
+set -eu
+git remote set-url --push origin --add [email protected]:~shom/keyoxidizer
+git remote set-url --push origin --add [email protected]:shombando/keyoxidizer.git