Are the keys generated securely?

Yes. The tool uses the browser's Web Crypto (SubtleCrypto) API, which draws from a cryptographically secure random number generator. The same primitive backs HTTPS in your browser, so the entropy quality matches production crypto.

Does my private key get uploaded?

No. Both the public and private key are generated and formatted entirely in your browser. Nothing is sent to any server, so closing the tab is enough to discard them if you change your mind.

Which algorithm should I choose?

Ed25519 is the modern default: small, fast and very secure. Choose RSA only if you must support an older server or device that does not yet accept Ed25519 keys; in that case prefer RSA 4096 over 2048.

What format is the public key in?

The public key is emitted in OpenSSH single-line format (ssh-ed25519 ... or ssh-rsa ...), exactly what you paste into a server's ~/.ssh/authorized_keys file or a Git host's SSH key settings.

What format is the private key?

The private key is exported as PEM (PKCS#8 for RSA, or the raw seed wrapped for Ed25519). Save it with permissions 600. For OpenSSH you may convert it with ssh-keygen -p if a tool expects the legacy key format.

SSH Key Pair Generator

SSH key pairs authenticate you to servers without a password: the server holds your public key, and you prove ownership of the matching private key during the handshake. This generator creates a fresh pair in your browser using the Web Crypto API, then formats the public half as a one-line OpenSSH key and the private half as PEM.

How it works

You choose Ed25519 or RSA (2048 or 4096 bits).
The tool calls crypto.subtle.generateKey with that algorithm and an extractable flag.
The public key is exported and re-encoded into the OpenSSH wire format: a length-prefixed key type string followed by the algorithm-specific public values, all Base64-encoded on a single ssh-... line.
The private key is exported as PKCS#8 and wrapped in a PEM block.

For RSA the OpenSSH blob packs the public exponent e and modulus n as mpint values; for Ed25519 it packs the 32-byte public point. Both follow the same length-prefixed string encoding used by the SSH protocol.

Tips

Paste the public key into the server — never the private one.
Store the private key with chmod 600 and consider an SSH agent or passphrase for extra protection (add a passphrase later with ssh-keygen -p).
Ed25519 keys are the safe default in 2026; reach for RSA 4096 only for legacy compatibility.

Notes

Key generation uses the browser’s secure random source, the same CSPRNG that backs TLS. Nothing is transmitted, so the pair only ever exists on your device until you copy or discard it. If your platform’s Web Crypto build lacks Ed25519, the tool falls back to offering RSA so you always get a usable key.