Skip to content

Key Management

Manage your SSH keys in StormTunnel.

Opening Key Management

  • Press ⌘K, or
  • Go to Settings > SSH Keys

Window Layout

Left: List of all your SSH keys

Middle: Details about the selected key (format, validation status, fingerprint)

Right: Actions you can perform on the key

Finding Your Keys

StormTunnel automatically discovers SSH keys in your ~/.ssh/ directory. Existing keys appear when you open Key Management.

Importing Keys

  1. Click Import
  2. Select your key file (.pem, .key, or id_rsa/id_ed25519)
  3. Click Open

You can also drag and drop a key file directly into the Key Management window.

SSH Key Types

Type Best For Recommended?
ED25519 Modern servers (fast and secure) Yes
RSA Older servers (widely compatible) OK

An SSH key pair consists of a private key (stays on your Mac) and a public key (shared with servers).

Key Status Indicators

  • Green - Valid and ready to use
  • Yellow - Works but has warnings (weak encryption, permissions)
  • Red - Has problems and will not work

Using Keys in Tunnels

  1. Choose "SSH Key" authentication method when creating or editing a tunnel
  2. Select your key from the dropdown
  3. Save the tunnel

Copying Your Public Key

  1. Select your key
  2. Click Copy Public Key
  3. Paste into the server's ~/.ssh/authorized_keys

Ask your server administrator if you are unsure where to paste it.

Filtering Keys

Click the Filter dropdown to show:

  • All Keys - Everything
  • Valid Only - Working keys (green status)
  • Needs Attention - Keys with warnings (yellow)
  • Encrypted Keys - Password-protected keys
  • Unencrypted Keys - Keys without password protection

Searching Keys

Use the search box to find keys by name:

  • github -- Find keys named "github-*"
  • prod -- Find production keys
  • ed25519 -- Find ED25519 keys

Common Issues

Key Not Appearing

  1. Check if it is in ~/.ssh/
  2. Try clicking Import manually
  3. Restart StormTunnel

"Invalid Key Format"

  • Make sure you are selecting the private key (not the .pub file)
  • Verify the file starts with -----BEGIN OPENSSH PRIVATE KEY----- or -----BEGIN RSA PRIVATE KEY-----

Key Works in Terminal But Not in StormTunnel

  1. Re-import the key
  2. Check if key has a passphrase -- StormTunnel will prompt for it
  3. Verify file permissions are 600 or 400

Best Practices

  1. Use ED25519 keys -- modern and secure
  2. Use descriptive names -- e.g., id_ed25519_work instead of id_rsa
  3. Keep separate keys -- different keys for work, personal, staging
  4. Never share private keys -- only share public keys
  5. Rotate keys regularly -- at least once per year
  6. Keep backups -- store a secure backup of important keys