From b86f0a7d9c809cbf06619999e505e7b641cdc8e3 Mon Sep 17 00:00:00 2001
From: "nicolas.dorier" <nicolas.dorier@gmail.com>
Date: Fri, 8 Jul 2022 16:32:43 +0900
Subject: [PATCH] Make BTCPay ssh key using safe algo

---
 docker-entrypoint.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 6c95d537d..9bb0ee7b2 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -6,7 +6,7 @@ if [ -f "$BTCPAY_SSHAUTHORIZEDKEYS" ] && [[ "$BTCPAY_SSHKEYFILE" ]]; then
     if ! [ -f "$BTCPAY_SSHKEYFILE" ] || ! [ -f "$BTCPAY_SSHKEYFILE.pub" ]; then
         rm -f "$BTCPAY_SSHKEYFILE" "$BTCPAY_SSHKEYFILE.pub"
         echo "Creating BTCPay Server SSH key File..."
-        ssh-keygen -t rsa -f "$BTCPAY_SSHKEYFILE" -q -P "" -m PEM -C btcpayserver > /dev/null
+        ssh-keygen -t ed25519 -f "$BTCPAY_SSHKEYFILE" -q -P "" -m PEM -C btcpayserver > /dev/null
         # Let's make sure the SSHAUTHORIZEDKEYS doesn't have our key yet
         # Because the file is mounted, set -i does not work
         sed '/btcpayserver$/d' "$BTCPAY_SSHAUTHORIZEDKEYS" > "$BTCPAY_SSHAUTHORIZEDKEYS.new"