All tools
Development tools

SSH Key Info

Paste an SSH public key to detect its algorithm, bit length, MD5 and SHA256 fingerprints, and get a security rating — all in your browser.

Key type detection Bit length MD5 fingerprint SHA256 fingerprint Security rating Comment extraction
Get started free Sign in

Free · No credit card · 50 credits/day

SSH key type comparison

Type Key size Security Notes
Ed25519 256-bit ✅ Excellent Recommended. Fast, small, timing-attack resistant. OpenSSH 6.5+ (2014).
ECDSA-256 256-bit ✅ Good Elliptic curve — good for constrained environments. Slightly weaker than Ed25519.
RSA-4096 4096-bit ✅ Good Large keys, slower ops. Still widely compatible. Fine for legacy systems.
RSA-2048 2048-bit ⚠️ Acceptable May become inadequate by 2030. Upgrade to 4096 or Ed25519 for new keys.
RSA-1024 1024-bit ❌ Broken Factored in practice. Do not use — rejected by many servers.
DSA 1024-bit ❌ Deprecated Removed in OpenSSH 7.0. Avoid entirely.

Frequently asked questions

Which SSH key type should I use?

Ed25519 is the recommended choice: 256-bit, fast, resistant to timing attacks, and supported by all modern SSH servers (OpenSSH 6.5+, 2014). ECDSA-256 is a reasonable alternative. RSA-4096 is still secure but slower. Avoid RSA-1024 (broken) and DSA (deprecated in OpenSSH 7.0).

What is an SSH key fingerprint?

A fingerprint is a short hash of the public key used to identify it without displaying the full key. When you first SSH to a server, you see the host key fingerprint to verify. SHA256 fingerprints (modern default) look like SHA256:base64string. MD5 fingerprints look like colon-separated hex. Always verify fingerprints out-of-band to prevent MITM attacks.

Is it safe to share my SSH public key?

Yes. The public key (.pub file) is meant to be shared — it goes in ~/.ssh/authorized_keys on servers you access. The private key must never be shared. If you suspect your private key is compromised, revoke the public key from all authorized_keys files and generate a new pair immediately.

What is a passphrase on an SSH key?

A passphrase encrypts your private key file on disk. Without one, anyone with the file can use it. With one, they also need the passphrase. Use ssh-agent or a hardware key (YubiKey) to avoid typing the passphrase repeatedly. Always use a passphrase, especially on shared machines or laptops.

Related security tools

More tools for keys, hashes and authentication.

Bcrypt Generator

Hash passwords securely — complements SSH key-based auth for web application login.

Hash Generator

Generate MD5/SHA fingerprints of files and data — same technique used by SSH for key fingerprints.

JWT Debugger

Decode and verify JWTs — often signed with RSA or ECDSA keys like your SSH key algorithm.

Inspect your SSH key security

Free account. 50 credits per day. Access to 75+ tools instantly.

Create free account →