Forum Discussion
Former Member
4 years ago
RSA vs ECDSA vs ED25519
Wondering why ECDSA is not supported. ED25519 is not supported by FIPS-140-20 and so FIPS enabled hosts cannot use ED25519. I was under the impression, and please correct me if I'm wrong, but RSA 2...
Former Member
4 years ago
Please keep in mind that users have to deal with a vast number of older systems and older keys that cannot be updated to use state-of-the-art key types. It's even so that the security policy of your company may require you to use, for example, "rsa 2048 bit" keys, and you must use these. Yes, company policy requires this, and this is immutable like one of the God-given commandments. Everyone knows it's not state of the art any more, even the persons who wrote the policies, but a policy update needs years and the next one isn't planned yet.
With such keys, 1Password cannot be used, but in reality, such keys are being used.
So, for the agent to be useful for universal use, it's required to support every key algorithm and key length OpenSSH supports, even the insecure ones. It's the user who decides to use some algorithm; it should not be the software that simply denies him the use of one.