Paul's Internet Landfill/ 2019/ UNIX UX


Recently I needed to create some SSH keys. Usually I create RSA keys, but cryptography is always changing, and I wondered whether a different encryption standard would be superior. After a bit of reading I saw that the elliptic-curve scheme ed25519 had some buzz surrounding it.

That's all well and good. But consider the difference between:

ssh-keygen -t rsa 


ssh-keygen -t ed25519 

In the former case I have to remember three letters. In the latter case I need to remember two letters (not so hard) and five arbitary-looking numbers. I could probably remember those numbers if I had to, but why should I have to? Why is it so important that this key type have such a complicated name?

The answer, of course, is "because this name is precise". And that is the problem. Dan Bernstein and the OpenSSH developers care so much about precision that they are willing to sacrifice basic usability for it. I feel this is unhelpful. We give cutesy names ("Heartbleed", "RowHammer") to security vulnerabilities so they are more memorable. Couldn't we have chosen a short and memorable name for this cipher?

(I was also going to complain about the -t flag, but my concerns were misplaced, because ssh-keygen generates RSA keys (with appropriate keylengths?) by default. Oh wells.)