{"id":23,"date":"2026-03-19T14:45:01","date_gmt":"2026-03-19T14:45:01","guid":{"rendered":"https:\/\/netguide.io\/tools\/?p=23"},"modified":"2026-03-19T14:45:02","modified_gmt":"2026-03-19T14:45:02","slug":"ssh-key-generator","status":"publish","type":"post","link":"https:\/\/netguide.io\/tools\/de\/ssh-key-generator\/","title":{"rendered":"SSH Key Generator"},"content":{"rendered":"\n<div class=\"wp-ssh-container\">\n    <h3 class=\"wp-ssh-title\">SSH Key Generator (Fixed)<\/h3>\n\n    <div class=\"wp-ssh-grid\">\n        <div class=\"wp-ssh-group\">\n            <label>Algorithm<\/label>\n            <select id=\"wp-ssh-algo\">\n                <option value=\"RSA-2048\">RSA (2048-bit)<\/option>\n                <option value=\"RSA-4096\">RSA (4096-bit)<\/option>\n                <option value=\"ECDSA-P-256\">ECDSA (NIST P-256)<\/option>\n                <option value=\"ECDSA-P-384\">ECDSA (NIST P-384)<\/option>\n                <option value=\"ECDSA-P-521\">ECDSA (NIST P-521)<\/option>\n            <\/select>\n        <\/div>\n        <div class=\"wp-ssh-group\">\n            <label>Key Comment<\/label>\n            <input type=\"text\" id=\"wp-ssh-comment\" placeholder=\"user@example.com\">\n        <\/div>\n    <\/div>\n\n    <div class=\"wp-ssh-actions\">\n        <button onclick=\"generateSSHKey()\" class=\"btn-primary\" id=\"btn-gen-ssh\">Generate Key Pair<\/button>\n    <\/div>\n\n    <div class=\"wp-ssh-group\">\n        <label>Private Key (Keep Secret!)<\/label>\n        <textarea id=\"wp-ssh-private\" readonly placeholder=\"Private key will appear here...\"><\/textarea>\n        <div class=\"wp-ssh-btn-row\">\n            <button onclick=\"copySSH('private')\" class=\"btn-copy-small\">Copy<\/button>\n            <button onclick=\"downloadKey('private')\" class=\"btn-download-small\">Download .key<\/button>\n        <\/div>\n    <\/div>\n\n    <div class=\"wp-ssh-group\">\n        <label>Public Key (OpenSSH Format)<\/label>\n        <textarea id=\"wp-ssh-public\" readonly placeholder=\"Public key will appear here...\"><\/textarea>\n        <div class=\"wp-ssh-btn-row\">\n            <button onclick=\"copySSH('public')\" class=\"btn-copy-small\">Copy<\/button>\n            <button onclick=\"downloadKey('public')\" class=\"btn-download-small\">Download .pub<\/button>\n        <\/div>\n    <\/div>\n\n    <style>\n        .wp-ssh-container { max-width: 100%; background: #fff; padding: 20px; border: 1px solid #ddd; border-radius: 10px; font-family: sans-serif; box-shadow: 0 2px 10px rgba(0,0,0,0.05); }\n        .wp-ssh-title { color: #2271b1; margin-bottom: 15px; border-bottom: 1px solid #eee; padding-bottom: 10px; }\n        .wp-ssh-grid { display: grid; grid-template-columns: 1fr 1fr; gap: 15px; margin-bottom: 15px; }\n        .wp-ssh-group label { display: block; font-size: 11px; font-weight: bold; margin-bottom: 5px; color: #666; }\n        .wp-ssh-group textarea, .wp-ssh-group input, .wp-ssh-group select { width: 100%; padding: 8px; border: 1px solid #ccc; border-radius: 4px; font-family: monospace; font-size: 12px; box-sizing: border-box; }\n        .wp-ssh-group textarea { height: 100px; background: #f9f9f9; }\n        .wp-ssh-btn-row { display: flex; gap: 5px; margin-top: 5px; }\n        .btn-primary { background: #2271b1; color: #fff; border: none; padding: 12px; border-radius: 5px; width: 100%; cursor: pointer; font-weight: bold; margin-bottom: 15px; }\n        .btn-copy-small, .btn-download-small { flex: 1; padding: 6px; border-radius: 4px; border: 1px solid #ccc; cursor: pointer; font-size: 11px; background: #f0f6fb; color: #2271b1; }\n        .btn-copy-small { background: #46b450; color: #fff; border: none; }\n    <\/style>\n\n    <script>\n        \/\/ Helper to create SSH-style length-prefixed blobs\n        function sshString(str) {\n            const encoder = new TextEncoder();\n            const data = encoder.encode(str);\n            const len = new Uint8Array(4);\n            new DataView(len.buffer).setUint32(0, data.length);\n            return new Uint8Array([...len, ...data]);\n        }\n\n        function sshBlob(data) {\n            const len = new Uint8Array(4);\n            new DataView(len.buffer).setUint32(0, data.length);\n            return new Uint8Array([...len, ...data]);\n        }\n\n        async function generateSSHKey() {\n            const btn = document.getElementById('btn-gen-ssh');\n            const algoType = document.getElementById('wp-ssh-algo').value;\n            const comment = document.getElementById('wp-ssh-comment').value || 'web-key';\n            btn.innerText = \"Generating...\";\n            \n            try {\n                let keyPair, pubFormat, pubPrefix;\n                \n                if (algoType.startsWith('RSA')) {\n                    const size = parseInt(algoType.split('-')[1]);\n                    keyPair = await crypto.subtle.generateKey(\n                        { name: \"RSASSA-PKCS1-v1_5\", modulusLength: size, publicExponent: new Uint8Array([1, 0, 1]), hash: \"SHA-256\" },\n                        true, [\"sign\", \"verify\"]\n                    );\n                    \n                    const jwk = await crypto.subtle.exportKey(\"jwk\", keyPair.publicKey);\n                    const e = new Uint8Array(atob(jwk.e.replace(\/-\/g, '+').replace(\/_\/g, '\/')).split('').map(c => c.charCodeAt(0)));\n                    const n = new Uint8Array(atob(jwk.n.replace(\/-\/g, '+').replace(\/_\/g, '\/')).split('').map(c => c.charCodeAt(0)));\n                    \n                    \/\/ Standard ssh-rsa wire format: [ssh-rsa identifier] [exponent] [modulus]\n                    \/\/ (Correcting leading zeros for positive integers in SSH format)\n                    const n_fixed = n[0] & 0x80 ? new Uint8Array([0, ...n]) : n;\n\n                    const parts = new Uint8Array([...sshString(\"ssh-rsa\"), ...sshBlob(e), ...sshBlob(n_fixed)]);\n                    document.getElementById('wp-ssh-public').value = `ssh-rsa ${btoa(String.fromCharCode(...parts))} ${comment}`;\n\n                } else {\n                    const curve = algoType.replace('ECDSA-', ''); \/\/ e.g. P-256\n                    const nistName = curve === 'P-256' ? 'nistp256' : (curve === 'P-384' ? 'nistp384' : 'nistp521');\n                    const sshName = \"ecdsa-sha2-\" + nistName;\n\n                    keyPair = await crypto.subtle.generateKey({ name: \"ECDSA\", namedCurve: curve }, true, [\"sign\", \"verify\"]);\n                    \n                    const jwk = await crypto.subtle.exportKey(\"jwk\", keyPair.publicKey);\n                    const x = new Uint8Array(atob(jwk.x.replace(\/-\/g, '+').replace(\/_\/g, '\/')).split('').map(c => c.charCodeAt(0)));\n                    const y = new Uint8Array(atob(jwk.y.replace(\/-\/g, '+').replace(\/_\/g, '\/')).split('').map(c => c.charCodeAt(0)));\n                    \n                    \/\/ ECDSA wire format: [identifier] [curve-name] [Q (point: 0x04 + x + y)]\n                    const q = new Uint8Array([0x04, ...x, ...y]);\n                    const parts = new Uint8Array([...sshString(sshName), ...sshString(nistName), ...sshBlob(q)]);\n                    document.getElementById('wp-ssh-public').value = `${sshName} ${btoa(String.fromCharCode(...parts))} ${comment}`;\n                }\n\n                const priv = await crypto.subtle.exportKey(\"pkcs8\", keyPair.privateKey);\n                document.getElementById('wp-ssh-private').value = formatPEM(priv, \"PRIVATE KEY\");\n\n            } catch (e) {\n                console.error(e);\n                alert(\"Generation failed. Check console.\");\n            }\n            btn.innerText = \"Generate Key Pair\";\n        }\n\n        function formatPEM(buffer, label) {\n            const base64 = btoa(String.fromCharCode(...new Uint8Array(buffer)));\n            return `-----BEGIN ${label}-----\\n${base64.match(\/.{1,64}\/g).join('\\n')}\\n-----END ${label}-----`;\n        }\n\n        function downloadKey(type) {\n            const val = document.getElementById('wp-ssh-' + type).value;\n            if(!val) return;\n            const a = document.createElement('a');\n            a.href = URL.createObjectURL(new Blob([val], {type: 'text\/plain'}));\n            a.download = type === 'private' ? 'id_ssh' : 'id_ssh.pub';\n            a.click();\n        }\n\n        function copySSH(id) {\n            const el = document.getElementById('wp-ssh-' + id);\n            if(!el.value) return;\n            navigator.clipboard.writeText(el.value).then(() => alert(\"Copied!\"));\n        }\n    <\/script>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Funktionsweise und Anwendung<\/h2>\n\n\n\n<p>Ein SSH-Schl\u00fcsselpaar besteht immer aus zwei Teilen: dem <strong>Private Key<\/strong> (privater Schl\u00fcssel) und dem <strong>Public Key<\/strong> (\u00f6ffentlicher Schl\u00fcssel). Dieses Verfahren nennt sich asymmetrische Kryptografie.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Private Key:<\/strong> Dies ist dein digitaler Identit\u00e4tsnachweis. Er darf niemals deinen Computer verlassen oder mit anderen geteilt werden. Speichere ihn in einer Datei (z. B. <code>id_rsa<\/code>) und sch\u00fctze ihn unter Linux\/macOS mit dem Befehl <code>chmod 400 id_rsa<\/code>.<\/li>\n\n\n\n<li><strong>Public Key:<\/strong> Diesen Schl\u00fcssel kannst du bedenkenlos teilen. Er wird auf dem Zielserver in der Datei <code>~\/.ssh\/authorized_keys<\/code> hinterlegt. Er fungiert wie ein Schloss, f\u00fcr das nur dein Private Key den passenden Schl\u00fcssel besitzt.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Empfehlung: Welchen Key-Typ soll ich w\u00e4hlen?<\/h2>\n\n\n\n<p>Die Wahl des Algorithmus ist ein Abw\u00e4gen zwischen <strong>Sicherheit, Geschwindigkeit und Kompatibilit\u00e4t<\/strong>.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><td><strong>Algorithmus<\/strong><\/td><td><strong>Empfehlung<\/strong><\/td><td><strong>Warum?<\/strong><\/td><\/tr><\/thead><tbody><tr><td><strong>ECDSA (P-256\/384)<\/strong><\/td><td>\u2b50 <strong>Top-Wahl<\/strong><\/td><td>Modern, extrem schnell und bietet bei deutlich k\u00fcrzeren Schl\u00fcsseln die gleiche Sicherheit wie massiv lange RSA-Keys. Ideal f\u00fcr moderne Cloud-Infrastrukturen.<\/td><\/tr><tr><td><strong>RSA (4096-bit)<\/strong><\/td><td><strong>Sicherer Standard<\/strong><\/td><td>Wenn du absolute Kompatibilit\u00e4t mit sehr alten Systemen (z. B. 10 Jahre alte Server) brauchst, ist RSA 4096 die sicherste Wahl im klassischen Bereich.<\/td><\/tr><tr><td><strong>RSA (2048-bit)<\/strong><\/td><td><em>Legacy<\/em><\/td><td>Heute das absolute Minimum. Nur verwenden, wenn Hardware-Einschr\u00e4nkungen nichts anderes zulassen.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Meine Empfehlung f\u00fcr dich:<\/h3>\n\n\n\n<p>Nutze <strong>ECDSA (P-256)<\/strong>. Es ist der aktuelle &#8220;Sweet Spot&#8221;. Die Schl\u00fcssel sind kurz (einfach zu kopieren), die Authentifizierung auf dem Server geht blitzschnell und die Sicherheit ist f\u00fcr fast alle Anwendungsf\u00e4lle absolut ausreichend.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Kurzanleitung: Installation auf dem Server<\/h2>\n\n\n\n<p>Sobald du deine Keys generiert hast, kannst du sie so verwenden:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Auf deinem PC:<\/strong> Speichere den Private Key als Datei ab (z. B. <code>mein_schluessel.key<\/code>).<\/li>\n\n\n\n<li><strong>Auf dem Server:<\/strong> Logge dich (noch per Passwort) auf deinem Server ein und \u00f6ffne die Datei f\u00fcr autorisierte Schl\u00fcssel:<code>nano ~\/.ssh\/authorized_keys<\/code><\/li>\n\n\n\n<li><strong>Einf\u00fcgen:<\/strong> Kopiere den <strong>Public Key<\/strong> aus dem Generator und f\u00fcge ihn als neue Zeile in diese Datei ein. Speichern und Schlie\u00dfen.<\/li>\n\n\n\n<li><strong>Testen:<\/strong> Versuche dich nun mit dem Schl\u00fcssel einzuloggen:<code>ssh -i mein_schluessel.key user@dein-server.de<\/code><\/li>\n<\/ol>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>Sicherheitshinweis:<\/strong> Da dieser Generator die <strong>Web Crypto API<\/strong> deines Browsers nutzt, werden die Schl\u00fcssel lokal in deinem Arbeitsspeicher berechnet. Deine geheimen Schl\u00fcssel werden <strong>nicht<\/strong> \u00fcber das Internet an einen Server gesendet. Dennoch gilt: F\u00fcr hochkritische Bank- oder Milit\u00e4r-Infrastruktur generiert man Schl\u00fcssel am besten offline auf einem &#8220;Air-Gapped&#8221; System.<\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>SSH Key Generator (Fixed) Algorithm RSA (2048-bit)RSA (4096-bit)ECDSA (NIST P-256)ECDSA (NIST P-384)ECDSA (NIST P-521) Key Comment Generate Key Pair Private [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[33],"tags":[49,51,37,45,47,39,43,41],"class_list":["post-23","post","type-post","status-publish","format-standard","hentry","category-generatoren","tag-ecdsa","tag-ecdsa-p-256","tag-generator","tag-key","tag-rsa","tag-ssh","tag-ssh-key-2","tag-ssh-key"],"_links":{"self":[{"href":"https:\/\/netguide.io\/tools\/wp-json\/wp\/v2\/posts\/23","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/netguide.io\/tools\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/netguide.io\/tools\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/netguide.io\/tools\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/netguide.io\/tools\/wp-json\/wp\/v2\/comments?post=23"}],"version-history":[{"count":1,"href":"https:\/\/netguide.io\/tools\/wp-json\/wp\/v2\/posts\/23\/revisions"}],"predecessor-version":[{"id":24,"href":"https:\/\/netguide.io\/tools\/wp-json\/wp\/v2\/posts\/23\/revisions\/24"}],"wp:attachment":[{"href":"https:\/\/netguide.io\/tools\/wp-json\/wp\/v2\/media?parent=23"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/netguide.io\/tools\/wp-json\/wp\/v2\/categories?post=23"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/netguide.io\/tools\/wp-json\/wp\/v2\/tags?post=23"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}