FIDO Authentication, developed by the FIDO Alliance, is a global authentication standard based on public key cryptography. (https://fidoalliance.org/what-is-fido/)
The FIDO ("Fast IDentity Online") Alliance is an open industry association launched in February 2013 whose stated mission is to develop and promote authentication standards that "help reduce the world’s over-reliance on passwords".[1] FIDO addresses the lack of interoperability among devices that use strong authentication and reduces the problems users face creating and remembering multiple usernames and passwords. (https://en.wikipedia.org/wiki/FIDO_Alliance)
FIDO2 passwordless authentication relies on cryptographic algorithms to generate a pair of private and public passkeys—long, random numbers that are mathematically related. The key pair is used to perform user authentication directly on an end user’s device, whether a desktop computer, laptop, mobile phone, or security key. A passkey can be bound to a single user device or automatically synced across a user’s multiple devices through a cloud service. (https://www.microsoft.com/en-us/security/business/security-101/what-is-fido2)
When choosing to use FIDO2 for SSH, you’ll need to decide between key generation options: ecdsa-sk and ed25519-sk. (https://swjm.blog/the-complete-guide-to-ssh-with-fido2-security-keys-841063a04252)
The SSH protocol uses public key cryptography for authenticating hosts and users. The authentication keys, called SSH keys, are created using the keygen program.
SSH introduced public key authentication as a more secure alternative to the older .rhosts authentication. It improved security by avoiding the need to have password stored in files, and eliminated the possibility of a compromised server stealing the user's password.
However, SSH keys are authentication credentials just like passwords. Thus, they must be managed somewhat analogously to user names and passwords. They should have a proper termination process so that keys are removed when no longer needed.
SSH supports several public key algorithms for authentication keys. These include:
- rsa - an old algorithm based on the difficulty of factoring large numbers. A key size of at least 2048 bits is recommended for RSA; 4096 bits is better. RSA is getting old and significant advances are being made in factoring. Choosing a different algorithm may be advisable. It is quite possible the RSA algorithm will become practically breakable in the foreseeable future. All SSH clients support this algorithm.
- dsa - an old US government Digital Signature Algorithm. It is based on the difficulty of computing discrete logarithms. A key size of 1024 would normally be used with it. DSA in its original form is no longer recommended.
- ecdsa - a new Digital Signature Algorithm standarized by the US government, using elliptic curves. This is probably a good algorithm for current applications. Only three key sizes are supported: 256, 384, and 521 (sic!) bits. We would recommend always using it with 521 bits, since the keys are still small and probably more secure than the smaller keys (even though they should be safe as well). Most SSH clients now support this algorithm.
- ed25519 - this is a new algorithm added in OpenSSH. Support for it in clients is not yet universal. Thus its use in general purpose applications may not yet be advisable.
(https://www.ssh.com/academy/ssh/keygen#what-is-ssh-keygen?)
RSA vs. DSA vs. ECDSA vs. EdDSA (https://goteleport.com/blog/comparing-ssh-keys/)
RSA (Rivest–Shamir–Adleman) is a public-key cryptosystem, one of the oldest widely used for secure data transmission. The initialism "RSA" comes from the surnames of Ron Rivest, Adi Shamir and Leonard Adleman, who publicly described the algorithm in 1977. (https://en.wikipedia.org/wiki/RSA_(cryptosystem))