43

Specifically, why are the first 25 characters of ssh Ed25519 public keys always the same?

For example, if I make 5 keys with ssh-keygen -o -a 100 -t ed25519, the first 25 characters are always AAAAC3NzaC1lZDI1NTE5AAAAI.

I assume this is a preamble or header of some sort, but I would love to know the actual answer.

Morris Cornell-Morgan
  • 553
  • 4
  • 7
  • 10
    Crossdupe https://crypto.stackexchange.com/questions/5944/why-do-all-ssh-rsa-keys-begin-with-aaaab3nzac1yc . _New format_ OpenSSH _private key_ files similarly are the base64 encoding of data that begins with several mostly-constant XDR-formatted strings, although the key type/algorithm is some way in; new format is automatically used for ed25519 (because no old format exists for that type) and you only need to specify -o for other types. – dave_thompson_085 Jan 03 '18 at 10:04

1 Answers1

69

The string is base64 encoded. When decoded, it produces the string \0\0\0\vssh-ed25519\0. This identifies the type of the key. In this case an EdDSA key.

Johan Myréen
  • 12,862
  • 1
  • 32
  • 33
  • 18
    The `\0\0\0\v` part is 11 written as a 32 bit number and is indicating the length of the string `ssh-ed25519`. – kasperd Jan 03 '18 at 23:24