Posts  / #POST-001206
REDDIT

Why is using Argon2id to generate an SSH key insecure?

P
Feb 13, 2025 · 03:38

The idea I have is a secure password into Argon2id using NaCl(truncated to 32 bytes), then use NaCl to turn that into a secret key that SSH will happily accept. I have managed to get OpenSSH to accept a key generated in this manner, and it was able to connect fine. It seems crazy and like it is going to blow up in my face.