🔑 SSH Key Generator
Generate SSH key pairs. RSA, ECDSA.
Ed25519: Not supported in browsers (Web Crypto limitation)
📋 When to Use the SSH Key Generator
The SSH Key Generator is critical for developers, system administrators, and security-conscious users. Use it when setting up servers, generating credentials, validating security configurations, or auditing existing systems. It's built with privacy-first principles — all processing happens in your browser, so sensitive data like keys and passwords never leave your device. Perfect for production work, security audits, and educational purposes.
⚙️ How the SSH Key Generator Works
The SSH Key Generator uses the browser's native Web Crypto API (crypto.getRandomValues, SubtleCrypto) for all cryptographic operations. When you generate keys, hashes, or tokens, the randomness comes from your operating system's cryptographically secure random number generator — the same source used by password managers and security tools. All operations run locally in your browser; generated values are never transmitted, stored, or logged. The tool is open source for independent security audit.
How to Use the SSH Key Generator
- Choose your key type — Select RSA 2048-bit, RSA 4096-bit, ECDSA P-256, or ECDSA P-384 from the dropdown.
- Click Generate — Your key pair is created instantly using the browser's Web Crypto API. Nothing is sent to any server.
- Copy your public key — Use this to add to your server's
~/.ssh/authorized_keysor paste into GitHub/GitLab SSH settings. - Save your private key securely — Copy and save it as a
.pemfile. Never share your private key with anyone.
Frequently Asked Questions
Why no Ed25519 support?
Ed25519 is not supported by the Web Crypto API in browsers. RSA and ECDSA are the strongest options available for browser-based generation. For Ed25519, use ssh-keygen in your terminal.
Are the keys generated securely?
Yes. Keys are generated using your browser's cryptographic random number generator (Web Crypto API). The private key exists only in your browser's memory and is never transmitted.
What format are the keys in?
Both public and private keys are exported in PEM format, compatible with OpenSSH and most SSH clients. RSA keys use PKCS#8 format for private keys.
Should I use RSA or ECDSA?
ECDSA keys are more modern, smaller, and faster. RSA 4096-bit offers the widest compatibility. For new deployments, ECDSA P-256 is recommended.