Is my SSH key generated on a server?

No. All key generation runs 100% in your browser using the Web Crypto API. Your private key is never transmitted anywhere. For production use, generating keys locally with the ssh-keygen CLI is also recommended.

What is the difference between RSA, Ed25519, and ECDSA?

Ed25519 is the modern recommended choice — it is fast, secure, and produces short keys. ECDSA is also modern but has some implementation concerns. RSA is the legacy standard; use 4096-bit if you need RSA for compatibility. For new keys, always use Ed25519.

What is an SSH key passphrase?

A passphrase encrypts your private key file. If someone steals your private key file, they cannot use it without the passphrase. It is strongly recommended for keys used in production or that have access to sensitive systems.

Where do I put my public key on the server?

Append the public key to ~/.ssh/authorized_keys on the remote server. Each line in authorized_keys is one public key. You can also use "ssh-copy-id user@host" to do this automatically from your local machine.

What is the difference between SSH keys and SSL certificates?

SSH keys are used for authentication — proving your identity to a server. SSL/TLS certificates are used for encryption and identity verification of servers to clients (HTTPS). They use similar cryptographic primitives but serve different purposes and use different formats.

Dev Toolkit — 55+ Free Client-Side Developer Utilities

About the SSH Key Generator

SSH key pairs are the standard way to authenticate to remote servers, GitHub, GitLab, and cloud infrastructure without passwords. A key pair consists of a private key (kept secret on your machine) and a public key (placed on the server). This tool generates SSH key pairs in your browser using the Web Crypto API — no server involved.

Key algorithm guide

Ed25519 (Recommended)

Modern elliptic curve algorithm. Fast, secure, and produces compact 68-character public keys. Supported by all modern SSH servers and Git hosting platforms.

ECDSA P-256/P-384

Elliptic curve algorithm with NIST curves. Good performance and security. Use when Ed25519 is not supported by the target system.

RSA 2048/4096

Legacy algorithm with maximum compatibility. Use 4096-bit for new RSA keys. Required for some older systems and hardware security keys.

Passphrase Protection

Optionally encrypt the private key with a passphrase. Strongly recommended for keys with access to production systems.

Pipeline

RSA/EC Keypair Generator — generate keypairs for JWT signing, encryption, and API authentication.
CI/CD Builder — add your SSH public key as a deploy key in your pipeline configuration.

Frequently asked

Is my SSH key generated on a server?: No. All key generation runs 100% in your browser using the Web Crypto API. Your private key is never transmitted anywhere. For production use, generating keys locally with the ssh-keygen CLI is also recommended.
What is the difference between RSA, Ed25519, and ECDSA?: Ed25519 is the modern recommended choice — it is fast, secure, and produces short keys. ECDSA is also modern but has some implementation concerns. RSA is the legacy standard; use 4096-bit if you need RSA for compatibility. For new keys, always use Ed25519.
What is an SSH key passphrase?: A passphrase encrypts your private key file. If someone steals your private key file, they cannot use it without the passphrase. It is strongly recommended for keys used in production or that have access to sensitive systems.
Where do I put my public key on the server?: Append the public key to ~/.ssh/authorized_keys on the remote server. Each line in authorized_keys is one public key. You can also use "ssh-copy-id user@host" to do this automatically from your local machine.
What is the difference between SSH keys and SSL certificates?: SSH keys are used for authentication — proving your identity to a server. SSL/TLS certificates are used for encryption and identity verification of servers to clients (HTTPS). They use similar cryptographic primitives but serve different purposes and use different formats.