SSH ED25519

Natthapon Pinyo
Dec 1, 2022


If you get this kind of error when connecting over SSH:

"no mutual signature algorithm"

That means it is time to stop using RSA.
RSA has been deprecated for a while.
For security reasons, ED25519 is recommended.

Question 1: Can I convert an existing RSA key to ED25519?

Answer: No, it is a different algorithm. You must generate a new key with ED25519 instead.

Generate a new ED25519 SSH key

$ ssh-keygen -t ed25519

Once generation finishes, two new files are created: the private key and its public key (.pub).

id_ed25519
id_ed25519.pub

Question 2: Can I use a mix of RSA and ED25519?

Answer: Yes, in case your old server still uses the RSA type. You can configure SSH to use multiple keys as follows.

Create or edit ~/.ssh/config

Host *
  AddKeysToAgent yes
  # UseKeychain is macOS-only; on other systems remove it,
  # or put "IgnoreUnknown UseKeychain" before it.
  UseKeychain yes
  IdentityFile ~/.ssh/id_ed25519
  IdentityFile ~/.ssh/id_rsa

In this example, every host is configured to try id_ed25519 first, then fall back to id_rsa when authentication with id_ed25519 fails.
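
To see which of your public keys are still RSA before deciding what the config above needs to list, this added example (not part of the original post) parses lines in the .pub file format and reports the key type and size. The function names and the sample lines are constructed for illustration; the sample blobs are not real keys.

```python
import base64
import struct

def _read_string(blob, offset):
    """Read one SSH wire 'string': uint32 big-endian length, then the bytes."""
    if offset + 4 > len(blob):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack_from(">I", blob, offset)
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end

def classify_pubkey(line):
    """Return (key_type, bits, is_rsa) for one line of a .pub file."""
    declared, b64 = line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    embedded, offset = _read_string(blob, 0)
    if embedded != declared.encode("ascii"):
        raise ValueError("key type label does not match the key blob")
    if declared == "ssh-rsa":
        _exponent, offset = _read_string(blob, offset)
        modulus, _ = _read_string(blob, offset)
        bits = int.from_bytes(modulus, "big").bit_length()
    elif declared == "ssh-ed25519":
        key, _ = _read_string(blob, offset)
        if len(key) != 32:
            raise ValueError("ed25519 public key must be 32 bytes")
        bits = 256
    else:
        bits = None  # other key types are reported without a size
    return declared, bits, declared == "ssh-rsa"

def _sample_line(fields, comment):
    """Build a .pub-style line from raw fields (constructed test data only)."""
    blob = b"".join(struct.pack(">I", len(f)) + f for f in fields)
    return f"{fields[0].decode()} {base64.b64encode(blob).decode()} {comment}"

# Constructed samples, not real keys: a 2048-bit odd number stands in for an
# RSA modulus, and 32 counting bytes stand in for an ed25519 public key.
SAMPLE_RSA = _sample_line(
    [b"ssh-rsa", b"\x01\x00\x01", ((1 << 2047) | 1).to_bytes(257, "big")],
    "old@laptop")
SAMPLE_ED25519 = _sample_line([b"ssh-ed25519", bytes(range(32))], "new@laptop")

if __name__ == "__main__":
    for sample in (SAMPLE_RSA, SAMPLE_ED25519):
        key_type, bits, is_rsa = classify_pubkey(sample)
        note = "RSA: generate an ed25519 replacement" if is_rsa else "ok"
        print(f"{key_type:12} {bits} bits  {note}")
```

To check your own keys, pass the contents of ~/.ssh/id_rsa.pub or ~/.ssh/id_ed25519.pub to classify_pubkey; only public key files are read, never the private keys.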

Keep secure!
