SSH Key Generator

Create a fresh SSH key pair in seconds, right here in your browser. Pick a key type, hit generate, and download your keys. Done.

100% client-side — your private key is generated in the browser using Web Crypto and never sent to any server. Ever.

Generate Key

Key Type

Ed25519 is the modern default. Use RSA only if your server requires it.

Comment (optional)

A label to help you identify this key later (usually your email).

Filename (optional)

Custom name for your key files. Defaults to id_ed25519 if left blank. Useful when you have multiple keys (e.g. github-work, deploy-prod).

Security & Privacy

Keys are generated using Web Crypto API with cryptographically secure randomness

Private keys exist only in browser memory — cleared when you navigate away

No keys, fingerprints, or metadata are sent to any server

No key data is captured by analytics — only page views and performance metrics

Ed25519 uses @noble/ed25519, RSA uses the native Web Crypto API

Output is standard OpenSSH format — works with ssh, GitHub, GitLab, and every major tool

Works in Chrome 63+, Firefox 57+, Safari 11+, Edge 79+. Requires HTTPS or localhost for the Web Crypto API.

You might also need

SSH Config Generator

Configure SSH with your new key

OpenSSL Command Generator

Generate SSL/TLS certificates too

Base64 Encode/Decode

Encode your public key for configs

SSH Keys — The Quick Rundown

What even are SSH keys?

Imagine your server has a special lock, and only your laptop has the matching key. That's basically SSH keys. You put the "public key" (the lock) on every server you want to access, and keep the "private key" (the actual key) safe on your machine. When you connect, the server checks if your key fits — and you're in, no password needed. It's both more secure and more convenient than passwords.

Where do the keys go?

Your private key goes in ~/.ssh/ on your machine (that's /home/you/.ssh/ on Linux/Mac, or C:\Users\you\.ssh\ on Windows). The public key (.pub file) goes wherever you want access — paste it in GitHub → Settings → SSH Keys, or add a line to ~/.ssh/authorized_keys on a server. Important: your private key file permissions must be 600 (owner read/write only), or SSH will flat-out refuse to use it.

Should I add a passphrase after downloading?

Strongly recommended. A passphrase encrypts your private key on disk, so even if someone gets hold of the file, they can't use it without knowing the passphrase. After downloading, run: ssh-keygen -p -f ~/.ssh/your_key_name. Then use ssh-agent to cache it so you don't have to type the passphrase every single time you connect.

What are fingerprints for?

A fingerprint is a short hash of your public key — like a checksum. When you first connect to a server and it asks you to verify a fingerprint, that's how you confirm it's using the right key. GitHub and GitLab show fingerprints in your SSH key settings, so you can double-check which key is which when you have multiple keys.

I have multiple keys — how do I manage them?

You'll want an SSH config file. It lets you tell SSH which key to use for which server, so you never have to pass -i flags manually. We built a tool for that too — check out the SSH Config Generator on this site. It makes setting up ~/.ssh/config painless.