Comment 10 for bug 1638537

How much time had elapsed between the user.creation step and the manual run of ssh-keygen? Perhaps the ssh-keygen just ran quickly because the kernel had already accumulated enough entropy.

Do these keys need to be 4096 bit RSA keys? curve25519 ecc keys are vastly smaller, faster to generate, and should provide security roughly on par with 2048 bit RSA keys. (There are longer curves in case RSA 4096 security level is important for this use; see Ed448-goldilocks, m-511, e-521, for examples.)

Thanks