Don't want to lose this tool?Install free browser extension to bookmark and access your favorite tools from toolbar

SSH Key Parser

Parse and analyze SSH public keys. Extract key type, algorithm, key size, fingerprints (SHA-256, MD5), and comments from OpenSSH public keys.

This tool processes all data locally on your device.

Input

SSH public key

0 characters

Output

Readme

What is an SSH public key?

An SSH public key is one half of a cryptographic key pair used for secure authentication over the SSH (Secure Shell) protocol. When you generate an SSH key pair, you get a private key (kept secret on your machine) and a public key (shared with servers you want to access). The server uses your public key to verify your identity without transmitting a password.

SSH public keys are stored as a single line of text in OpenSSH format, containing three parts: the key type (like ssh-rsa or ssh-ed25519), the base64-encoded key data, and an optional comment (usually user@hostname). Embedded inside the base64 data is structured binary information including the algorithm parameters and the actual cryptographic material.

Fingerprints are short, human-readable hashes of the key data. They make it easy to verify and compare keys without reading the full base64 string. The two most common fingerprint formats are SHA-256 (the modern default) and MD5 (the legacy format with colon-separated hex pairs).

Tool description

This tool parses SSH public keys in OpenSSH format and extracts all important metadata. Paste your public key and instantly see the key type, algorithm, key size in bits, comment, and both SHA-256 and MD5 fingerprints — matching the output you would get from ssh-keygen -l.

Examples

Input:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl user@laptop

Output:

Field	Value
Key type	ssh-ed25519
Algorithm	Ed25519
Key size	256 bits
Comment	user@laptop
Fingerprint SHA-256	SHA256:nThbg6kXUpJWGl7E1IGOCspRomTxdCARLviKw6E5SY8
Fingerprint MD5	MD5:16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48

Features

Supports RSA, Ed25519, ECDSA (P-256, P-384, P-521), DSA, and Security Key (FIDO) key types
Computes SHA-256 and MD5 fingerprints in standard OpenSSH format
Extracts key size in bits directly from the binary key data
Validates key structure including base64 integrity and embedded type consistency
Parses the optional comment field from the public key line

How it works

The tool splits the input into three parts: key type, base64 data, and comment. It then decodes the base64 data into binary and reads the internal structure using SSH's length-prefixed format, where each field starts with a 4-byte big-endian length followed by the field data. The key size is determined from the algorithm-specific parameters — for RSA it is the bit length of the modulus n, for DSA it is the prime p, and for elliptic curve keys it is derived from the curve name. Fingerprints are computed by hashing the raw binary key data with SHA-256 and MD5.

Supported key types

Type identifier	Algorithm
`ssh-rsa`	RSA
`ssh-ed25519`	Ed25519
`ecdsa-sha2-nistp256`	ECDSA (P-256)
`ecdsa-sha2-nistp384`	ECDSA (P-384)
`ecdsa-sha2-nistp521`	ECDSA (P-521)
`ssh-dss`	DSA
`sk-ssh-ed25519@openssh.com`	Ed25519-SK (Security Key)
`sk-ecdsa-sha2-nistp256@openssh.com`	ECDSA-SK (Security Key)

Use cases

Verifying key fingerprints — Confirm that a public key matches the expected fingerprint before adding it to authorized_keys or a Git hosting service
Auditing server access — Quickly identify the algorithm and key size of keys in your authorized_keys file to find weak or outdated keys
Debugging SSH issues — Check whether a key is in the correct format, uses the expected algorithm, and has a valid structure

FAQ

Where do I find my SSH public key? On most systems it is stored at ~/.ssh/id_ed25519.pub, ~/.ssh/id_rsa.pub, or a similar path depending on the algorithm. You can also run ssh-add -L to list keys loaded in your SSH agent.

Is it safe to share my public key? Yes. The public key is designed to be shared. It cannot be used to derive the private key or authenticate on your behalf.

Why do SHA-256 and MD5 fingerprints look different? SHA-256 fingerprints are base64-encoded and prefixed with SHA256:, while MD5 fingerprints use colon-separated hexadecimal pairs prefixed with MD5:. SHA-256 is the default in modern OpenSSH versions.

Tool info

Created

Apr 19, 2026

Last updated

Apr 20, 2026

Similar Tools

Bitcoin Address Validator

Validate Bitcoin (BTC) wallet addresses and check if they are properly formatted according to Bitcoin network standards.

htpasswd Generator

Generate htpasswd password hashes for Apache and Nginx HTTP Basic Authentication. Supports MD5 (apr1), bcrypt, SHA-1, and plaintext formats.

Caesar Cipher Encoder Decoder

Encode or decode text using the classic Caesar cipher with adjustable shift values. Encrypt messages by rotating letters forward or decrypt by shifting backward.

Embed

Embed this tool anywhere for free. Need help? Check out our guide.

<iframe src="https://rapidtoolset.com/en/embed/ssh-key-parser" title="SSH Key Parser - rapidtoolset.com" style="border:0;width:100%;min-height:600px;" loading="lazy"></iframe>
<p>Powered by : <a href="https://rapidtoolset.com/en/tool/ssh-key-parser" target="_blank">https://rapidtoolset.com/en/tool/ssh-key-parser</a></p>

HTML

321 characters

Disclaimer

The tools provided on this website are designed to assist users in solving various problems. While we strive to ensure that the tools are accurate and effective, we do not guarantee or warrant that the output of any tool will be 100% accurate or error-free. The results generated by these tools are provided as-is and should be used with caution. We recommend that users verify any important information or results with additional resources or professional advice, as we cannot be held responsible for any consequences arising from the use of these tools. By using this website, you agree to assume all risks associated with the accuracy and use of the results provided.