SSH Public Key Fingerprint Calculator

Paste any SSH public key (the contents of ~/.ssh/id_rsa.pub, ~/.ssh/id_ed25519.pub, an authorized_keys line, or anything in the SSH wire format) and get the SHA-256 fingerprint. Matches what ssh-keygen -l -f key.pub prints. Also shows the legacy MD5 fingerprint and the key's algorithm and bit size.

How to use the SSH Public Key Fingerprint Calculator

Paste a single-line SSH public key. The format is <type> <base64-blob> <optional comment> — exactly what you'd add to an authorized_keys file. The tool decodes the base64 wire format, hashes it with SHA-256 (and MD5 for legacy use), and prints the fingerprint in the colon-separated form used by ssh-keygen.

About SSH Public Key Fingerprint Calculator

An SSH public key fingerprint is a short hash that uniquely identifies a key without revealing its full bytes. When you first connect to an SSH server, the server presents its host key; the client shows you the fingerprint and asks if you trust it. From then on, the client warns you loudly if the server's key changes (potential MITM). Fingerprints also let you compare a key in someone's GitHub profile to one in your authorized_keys without copy-pasting the whole base64 blob.

Modern ssh-keygen defaults to SHA-256 fingerprints in base64 form (e.g., SHA256:abc...xyz). Older versions and some tooling still use MD5 in hex with colon separators (aa:bb:cc:...). Both are produced here for completeness.

Common use cases

• Verify a host key — confirm the fingerprint your terminal showed matches the one your sysadmin published.
• Audit authorized_keys — quickly identify which key in your file matches a fingerprint from a security review.
• GitHub / GitLab key verification — compare a generated keypair's fingerprint to what GitHub shows after upload.
• Migration sanity check — confirm you copied the right keys when moving between machines.