All Tools
Privacy-first: runs locally in your browser
SSH Key Generator
Generate SSH key pairs securely in your browser.
Quick Start (Terminal)
Prefer the command line? Generate the same key with:
ssh-keygen -t ed25519 -C "[email protected]"Replace with -t rsa -b 4096 for RSA keys.
What is SSH Key Generation?
SSH keys are cryptographic key pairs used for secure authentication to remote servers. Instead of typing a password, your private key proves your identity. The public key goes on servers you want to access, while the private key stays secret on your machine.
SSH Key Types Compared
| Type | Security | Speed | Compatibility |
|---|---|---|---|
| Ed25519 | Excellent | Very fast | Modern systems (OpenSSH 6.5+) |
| RSA 4096 | Excellent | Slower | Universal |
| RSA 2048 | Good | Moderate | Legacy systems |
Frequently Asked Questions
Should I use RSA or Ed25519 in 2026?
Ed25519 is recommended for most users. It offers equivalent security to RSA 4096 with much smaller keys (256 bits vs 4096 bits), faster performance, and resistance to certain side-channel attacks. Use RSA 4096 only if you need to connect to older systems that don't support Ed25519.
Why does GitHub reject my SSH key?
Common reasons include: using an unsupported key type (GitHub deprecated RSA with SHA-1), the key wasn't added correctly to your GitHub account, or there's a mismatch between your local key and what's on GitHub. Try generating a new Ed25519 key and adding it fresh to your account.
What's the difference between PEM and OpenSSH format?
PEM format uses headers like '-----BEGIN RSA PRIVATE KEY-----' and is the traditional format. OpenSSH format (introduced in OpenSSH 6.5) uses '-----BEGIN OPENSSH PRIVATE KEY-----' and supports all key types including Ed25519. Most modern tools support both formats.
Should I use a passphrase for my SSH key?
Yes, a passphrase adds a layer of protection if your private key file is compromised. Without a passphrase, anyone with access to your key file can use it. Use ssh-agent to avoid typing your passphrase repeatedly.
Where should I store my SSH keys?
Store private keys in ~/.ssh/ with permissions set to 600 (read/write for owner only). Never share or commit private keys. Public keys can be shared freely—that's their purpose. Consider backing up keys securely in case of hardware failure.
Can I use the same SSH key for multiple servers?
Yes, you can add your public key to authorized_keys on multiple servers. However, some security policies recommend using separate keys for different security domains (e.g., work vs personal, production vs development).
What does the comment field do in an SSH key?
The comment (typically user@hostname) is appended to the public key and helps identify keys when you have multiple. It has no cryptographic function—it's purely for organization. You can set it to anything meaningful like 'laptop-2025' or 'work-macbook'.
Is it safe to generate SSH keys in a browser?
Yes, when using client-side generation like this tool. The keys are generated using your browser's Web Crypto API and never leave your device. No data is sent to any server. For maximum security in high-risk environments, use the command-line ssh-keygen tool on an air-gapped machine.
Related Tools
Need to manage SSH connections?
SSH Workbench lets you connect, browse files, and manage servers visually.
Try SSH Workbench Free