Keys are generated in your browser via Web Crypto API. The private key is never sent to the server.
SSH key pairs are the foundation of secure access to servers, Git repositories, and cloud infrastructure. This tool generates cryptographically strong key pairs directly in your browser using the Web Crypto API â no software installation required. The private key is generated locally on your device and never leaves the browser: no server transmission, no logs, no data storage.
~/.ssh/id_ed25519 (or id_rsa), then set permissions: chmod 600 ~/.ssh/id_ed25519~/.ssh/authorized_keys on your server: chmod 600 ~/.ssh/authorized_keys-----BEGIN PRIVATE KEY-----) is accepted by OpenSSH 7.8+ and all modern clientsEd25519 is the modern standard based on the Curve25519 elliptic curve. Public keys are about 68 bytes vs 700+ bytes for RSA 4096, signing operations are several times faster. The algorithm is resistant to small subgroup attacks and not vulnerable to nonce reuse issues that affect ECDSA. Supported by OpenSSH 6.5+ (2014), GitHub, GitLab, Bitbucket, and AWS EC2. Recommended for all new projects.
RSA 4096 is the best choice when you need compatibility with legacy systems that don't support Ed25519. RSA 2048 is the minimum acceptable key length by current standards (NIST, BSI) and is not recommended for long-lived keys.
Yes. The 101IP tool generates keys entirely in-browser using the Web Crypto API â a standard cryptographic interface built into all modern browsers. The private key is never transmitted to any server and is not stored anywhere. When you close the page, the key is gone permanently, so download it immediately after generation.
RSA 4096 offers maximum compatibility with all SSH clients and servers, but produces larger keys. RSA 2048 is faster but is considered only the minimum acceptable length by modern standards. Ed25519 is a modern elliptic-curve algorithm with much smaller keys, faster operations, and higher security. Recommended for new servers; use RSA 4096 only for maximum legacy compatibility.
Keys are generated without a passphrase for use in automation. To add one after downloading, run: ssh-keygen -p -f ~/.ssh/id_ed25519. A passphrase encrypts the private key file, protecting it if your filesystem is compromised.