Don't want to lose this tool?Install free browser extension to bookmark and access your favorite tools from toolbar

SSH Key Pair Generator

Generate SSH key pairs (Ed25519, RSA) in OpenSSH format for secure server authentication

This tool processes all data locally on your device.

Input

Output

Public key

0 characters

Private key

0 characters

Readme

What is an SSH key pair?

An SSH key pair is a set of two cryptographic keys used to authenticate a user to a remote server without a password. The pair consists of a private key, kept secret on the user's machine, and a public key, placed on the remote server. When connecting, the server challenges the client to prove possession of the private key — without ever transmitting the private key itself. This asymmetric approach is significantly more secure than password-based authentication because there is no shared secret that can be intercepted or brute-forced.

SSH key pairs are generated using public-key cryptography algorithms. The most widely used are Ed25519, a modern elliptic-curve algorithm known for its small key size and high security, and RSA, a time-tested algorithm that relies on the difficulty of factoring large integers. Ed25519 is recommended for new keys due to its superior performance and resistance to side-channel attacks.

Tool description

The SSH Key Pair Generator creates cryptographically secure Ed25519 or RSA SSH key pairs directly in your browser using the Web Crypto API. No data is sent to a server — all key material is generated locally on your device. You can optionally add a comment (typically user@hostname) to help identify the key later. The generated public and private keys can be copied to the clipboard or downloaded as files, ready to use with ssh-copy-id or any SSH client.

Examples

Ed25519 public key

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl user@hostname

RSA public key (4096-bit)

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC2... user@hostname

Private key (OpenSSH format)

-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAAB...
-----END OPENSSH PRIVATE KEY-----

Features

Ed25519 and RSA support: Choose between a modern elliptic-curve algorithm or the classic RSA algorithm
RSA key size options: Select 2048, 3072, or 4096-bit RSA keys to balance security and performance
Optional comment field: Attach a user@hostname style comment to help identify the key across machines
Client-side generation: Keys are generated entirely in your browser using the Web Crypto API — nothing is transmitted or stored
One-click download: Save the public and private key files directly with correct filenames (id_ed25519, id_ed25519.pub, id_rsa, id_rsa.pub)

Use cases

Server access setup: Generate a key pair once and deploy the public key to any number of remote Linux/Unix servers via ~/.ssh/authorized_keys to enable password-free SSH login
Git hosting authentication: Add the public key to GitHub, GitLab, or Bitbucket to authenticate git push and git pull operations without entering credentials each time
CI/CD pipelines: Create a dedicated deployment key pair for automated scripts or build agents that need SSH access to servers or private repositories

How it works

Key generation uses the browser's built-in crypto.subtle API (Web Crypto). For Ed25519, the raw 32-byte private scalar and 32-byte public key are packed into the OpenSSH wire format (openssh-key-v1). For RSA, the key is exported in PKCS#8 DER format and wrapped in a standard PEM envelope. The public key blob is encoded in the SSH wire format (length-prefixed algorithm name followed by key material) and Base64-encoded, matching the format expected by OpenSSH's authorized_keys file.

Tips

After downloading, set the correct permissions on the private key file: chmod 600 ~/.ssh/id_ed25519. SSH will refuse to use a private key that is readable by other users.
Use Ed25519 unless you need compatibility with older systems that do not support it. It produces shorter keys and is faster than RSA.
The comment field does not affect the key's cryptographic strength — it is purely for human identification and can be changed later with ssh-keygen -c.
For maximum RSA compatibility with legacy servers, use 4096-bit keys. For modern servers, Ed25519 is preferred regardless of RSA key size.

Tool info

Created

Apr 19, 2026

Last updated

Apr 19, 2026

Similar Tools

OpenPGP Key Generator

Generate secure OpenPGP key pairs (ECC or RSA) with public key, private key, and revocation certificate for encryption and digital signatures

Passphrase Generator

Generate memorable passphrases using random words. Create secure and easy-to-remember passwords with customizable separators, capitalization, and optional numbers or symbols.

Mnemonic Phrase Generator

Generate and validate BIP39 mnemonic phrases for cryptocurrency wallets. Create secure recovery phrases with 12-24 words, convert between entropy and mnemonics, and derive cryptographic seeds with optional passphrases.

Embed

Embed this tool anywhere for free. Need help? Check out our guide.

<iframe src="https://rapidtoolset.com/en/embed/ssh-key-pair-generator" title="SSH Key Pair Generator - rapidtoolset.com" style="border:0;width:100%;min-height:600px;" loading="lazy"></iframe>
<p>Powered by : <a href="https://rapidtoolset.com/en/tool/ssh-key-pair-generator" target="_blank">https://rapidtoolset.com/en/tool/ssh-key-pair-generator</a></p>

HTML

353 characters

Disclaimer

The tools provided on this website are designed to assist users in solving various problems. While we strive to ensure that the tools are accurate and effective, we do not guarantee or warrant that the output of any tool will be 100% accurate or error-free. The results generated by these tools are provided as-is and should be used with caution. We recommend that users verify any important information or results with additional resources or professional advice, as we cannot be held responsible for any consequences arising from the use of these tools. By using this website, you agree to assume all risks associated with the accuracy and use of the results provided.