by deg4uss3r 2528 days ago
Yes, very much so. In addition, stop using RSA[0] and use ed25519 with `ssh-keygen -t ed25519`.

[0]: https://blog.trailofbits.com/2019/07/08/fuck-rsa/

2 comments

Because Jenkins has its own ssh client, that wasn't supported as of last year with elliptic curve based keys and I had to re-launch a bunch of servers in production to downgrade back to RSA or DSA keys because they were basically the only key types that Jenkins supported. Really not sure why Jenkins had to go this far to re-invent a cryptographic wheel (besides the usual "support both Windows and Linux" angle).
Unless you're using a hardware token via gpg-agent. In that case RSA is the only way most of the time.
Yeah, hopefully when FIPS 140-3 finishes we'll start seeing hardware tokens that can do elliptic curves.