Martin Kleppmann (via Mark Jason Dominus): I don’t know why ssh-keygen still generates keys in SSH’s traditional format, even though a better format has been available for years. Compatibility with servers is not a concern, because the private key never leaves your machine. Fortunately it’s easy enough to convert to PKCS#8: $ mv test_rsa_key test_rsa_key.old … Continue reading Improving the Security of Your SSH Private Key Files