ED25519 SSH keys (BB-13645)

Issue #10983 closed
Neiro Nyan
created an issue

There is no way to add ssh keys generated using "ssh-keygen -t ed25519" command in "SSH keys" section.

Official response

Comments (44)

  1. Anonymous

    Yes, please support these.

    • newer, debatably more secure
    • noticeably faster & therefore uses less energy
  2. Kostya Vasilyev

    Any news on this? Looks like bitbucket.org is running OpenSSH 5.3, pretty old, and might be reason enough to upgrade.

    CodebaseHQ, Github, Gitlab.com all allow ed25519 (and are also capable of using chacha20-poly1305 encryption, by virtue of using newer OpenSSH versions).

  3. Erik Anderson

    @Abhin Chhabra @alimurad

    Sorry for the spam, but this has gone on far too long without a response from Atlassian, so I'm tagging some Atlassian accounts I know of in an attempt to get some movement, an ETA, or at least an acknowledgement that this is on your roadmap.

    Abhin and Ali - can you please run this up the flagpole to whomever is appropriate to respond? Thank you!

  4. Benjamin Echols

    We're working on upgrading our SSH infrastructure. Unfortunately, it's not as trivial as just updating our version of OpenSSH. I don't have a delivery date, but this is on our roadmap. I'll post more specifics here as I get them.

  5. Alexander Tesfamichael

    It's great to hear that! Just that comment (after months of silence) means a lot. I think I speak for a lot of people posting here but also reading this issue when I say good intentions in a service provider are a big deal. I'm sure many would also like to point out intentions are still just intentions, as time passes their meaningfulness will erode.

    For now, thank you for providing an update!

  6. Stefan T

    You should hurry up ;) Because many people are not upgrading their keys from dss because OpenSSH stopped to support them in the default configuration. This OpenSSH is now shipped with the latest LTS release of Ubuntu for example...

  7. Chi Hsuan Yen

    @benechols Could you reveal more details about the current progress? I guess upgrading OpenSSH and write new codes for the infrastructure is not something that requires more than 3 months. Or are there any blocking SSH bugs? Bitbucket has many better features than Github. ED25519/ECDSA support is the only missing one for me.

  8. Benjamin Echols

    We're continuing to make progress on this. As referenced in my previous update, adding support for these additional key types actually has a number of infrastructure dependencies for us, so it's not a trivial upgrade. We're also balancing a number of competing priorities. That said, this is still getting worked on, and I will post more details when I can.

  9. Jay Looney

    @benechols I appreciate you providing feedback, it makes the future seem promising. As it stands I have only been utilizing Bitbucket as per client demand and recommending that everyone jump ship, I hope that can change soon.

  10. Log in to comment