alwaysInBeta Stable software is for the weak

ssh personal keypair generation

Original publication date: 2014-09-12 02:26:02+00:00

Revised 2016-09-25

Generating SSH keys

ssh-keygen -t ecdsa -b 521

Or if you really must, ssh-keygen -t rsa -b 4096

The Arch wiki suggests using

ssh-keygen -t ecdsa -b 521 -C "$(whoami)@$(hostname)-$(date -I)"

And points out that ecdsa may be incompatible with PuTTY and Gnome Keyring.

Further reading

Ask HN: What are the best practises for using SSH keys?

And the somewhat controversial Upgrade your SSH keys!

(Controversial because the suggested setup has debatable marginal security relative to ECDSA, is incompatible with older systems, and has relatively little explaination given, which may or may not be a good thing in security)