SSH Keypair Generator

Recommended Algorithms

• Ed25519 (Recommended): Currently the most recommended public key cryptosystem using elliptic curve cryptography. Compared to RSA, the key length is shorter (uniform 256 bits), and signature generation/verification is overwhelmingly fast while boasting extremely high security strength. Choose this for new keys unless special compatibility requirements exist.
• RSA: The oldest and most widely used algorithm. Used for compatibility purposes when connecting to environments that do not support Ed25519, such as old servers or legacy systems. A key length of at least 2048 bits, preferably 4096 bits, is recommended.

Required Permission Settings

Strict permission settings are required in Mac and Linux environments to use SSH keys securely. If permissions are too broad, connections will be refused.

• chmod 700 ~/.ssh : The .ssh directory itself must be "read, write, and execute for the owner only".
• chmod 600 ~/.ssh/id_ed25519 : The private key must be "read and write for the owner only". Never let others read it.
• chmod 644 ~/.ssh/id_ed25519.pub : There is no problem if the public key is readable by others (644).

Useful ~/.ssh/config Examples

When using multiple keys (e.g., GitHub work/personal, or specific servers), writing settings to the ~/.ssh/config file is extremely convenient as it allows you to omit the -i option during connection.

# Example for GitHub personal account
Host github.com-personal
  HostName github.com
  User git
  IdentityFile ~/.ssh/id_ed25519_personal
  IdentitiesOnly yes

# Example for development server
Host dev-server
  HostName 192.168.1.100
  User admin
  Port 2222
  IdentityFile ~/.ssh/id_rsa_dev