Skip to content

feat: add configurable SSH host key algorithm support #18866

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

feat: add configurable SSH host key algorithm support #18866

wants to merge 7 commits into from
+49 −8

Conversation

blink-so[bot]
Copy link
Contributor

@blink-so blink-so bot commented Jul 15, 2025

Summary

Adds support for configurable SSH host key algorithms to improve compatibility with modern SSH clients like Visual Studio 2022 that no longer support RSA host keys.

Changes

  • Add HostKeyAlgorithm field to agentssh.Config - allows configuration of SSH host key algorithm
  • Implement Ed25519 key generation - adds deterministic Ed25519 key generation alongside existing RSA support
  • Add CLI flag --ssh-host-key-algorithm - with environment variable CODER_AGENT_SSH_HOST_KEY_ALGORITHM
  • Support both 'rsa' and 'ed25519' algorithms - with RSA as default for backward compatibility
  • Update CoderSigner function - now accepts algorithm parameter and supports both key types

Testing

  • ✅ Code compiles successfully
  • ✅ CLI flag appears in help output
  • ✅ RSA key generation works (default behavior)
  • ✅ Ed25519 key generation works
  • ✅ Invalid algorithms return proper errors
  • ✅ Backward compatibility maintained

Usage

# Use Ed25519 (recommended for modern clients)
coder agent --ssh-host-key-algorithm ed25519

# Or via environment variable
CODER_AGENT_SSH_HOST_KEY_ALGORITHM=ed25519 coder agent

# RSA remains the default
coder agent  # Uses RSA

Resolves

This addresses the Visual Studio 2022 compatibility issue where newer SSH clients reject RSA host keys, allowing users to configure Ed25519 which is widely supported and more secure.

blink-so bot and others added 3 commits July 15, 2025 07:53
@blink-so @kylecarbs
feat: add configurable SSH host key algorithm support
f9f7f5a 
Adds support for configurable SSH host key algorithms to improve
compatibility with modern SSH clients like Visual Studio 2022.

Changes:
- Add HostKeyAlgorithm field to agentssh.Config
- Implement Ed25519 key generation in CoderSigner function
- Add CLI flag --ssh-host-key-algorithm with env var support
- Support both 'rsa' (default) and 'ed25519' algorithms
- Maintain backward compatibility with RSA as default

Resolves compatibility issues with SSH clients that no longer
support RSA host keys.

Co-authored-by: kylecarbs <7122116+kylecarbs@users.noreply.github.com>
@blink-so @kylecarbs
fix: format code to pass CI checks
b9e0fc9 
Remove trailing whitespace from empty lines in agentssh.go
to satisfy the formatting requirements.

Co-authored-by: kylecarbs <7122116+kylecarbs@users.noreply.github.com>
@blink-so
fix(tests): update CoderSigner call in ssh_test.go
0d2172e
@ethanndickson
Copy link
Member

@blink instead of making it configurable, can't we just support both algorithms simultaneously?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ethanndickson