Key Management¶
Manage your SSH keys in StormTunnel.
Opening Key Management¶
- Press ⌘K to open Key Management
- Or go to Settings → SSH Keys
Window Overview¶
The Key Management window has three main areas:
Left: List of all your SSH keys
Middle: Details about the selected key (format, validation status, fingerprint)
Right: Actions you can perform on the key
Finding Your Keys¶
StormTunnel automatically finds SSH keys in your ~/.ssh/ directory. When you open Key Management, existing keys appear automatically.
Importing Keys¶
To use an SSH key from another location:
- Click Import button
- Select your key file (.pem, .key, or id_rsa/id_ed25519)
- Click Open
Or drag and drop a key file directly into the Key Management window.
Understanding SSH Keys¶
An SSH key pair consists of:
- Private Key - Secret file that stays on your Mac (like a password)
- Public Key - Shared with servers (like a username)
Common key types:
| Type | Best For | Recommended? |
|---|---|---|
| ED25519 | Modern servers (fast + secure) | Yes |
| RSA | Older servers (widely compatible) | OK |
Key Status Indicators¶
- ✅ Green - Key is valid and ready to use
- ⚠️ Yellow - Key works but has warnings (weak encryption, permissions)
- ❌ Red - Key has problems and won't work
Using Keys in Tunnels¶
When creating or editing a tunnel:
- Choose "SSH Key" authentication method
- Click the dropdown and select your key
- Save the tunnel
The tunnel now uses that key to connect.
Copying Your Public Key¶
To add your key to a server:
- Select your key
- Click Copy Public Key
- Paste the key into the server's
~/.ssh/authorized_keys
Ask your server administrator if you're not sure where to paste it.
Filtering Keys¶
Click the Filter dropdown to show:
- All Keys - Everything
- Valid Only - Working keys (green status only)
- Needs Attention - Keys with warnings (yellow)
- Encrypted Keys - Password-protected keys
- Unencrypted Keys - Keys without password protection
Searching Keys¶
Use the search box to find keys by name. For example:
github→ Find keys named "github-*"prod→ Find production keysed25519→ Find ED25519 keys
Common Issues¶
Key Not Appearing¶
Problem: You have an SSH key but it's not showing in Key Management
Solution:
- Check if it's in
~/.ssh/directory - Try clicking Import manually
- Restart StormTunnel if needed
"Invalid Key Format" Error¶
Problem: Key won't import
Solution:
- Make sure you're selecting the private key (not the .pub file)
- Verify the file starts with
-----BEGIN OPENSSH PRIVATE KEY-----or-----BEGIN RSA PRIVATE KEY----- - Ask where you got the key from if unsure of the format
Key Works Elsewhere But Not in StormTunnel¶
Problem: SSH works from Terminal but not StormTunnel
Possible solutions:
- Re-import the key fresh
- Check if key has a passphrase - StormTunnel will ask for it
- Verify file permissions are
600or400
Best Practices¶
- Use ED25519 keys - They're modern and secure
- Use descriptive names - e.g.,
id_ed25519_workinstead ofid_rsa - Keep separate keys - Use different keys for work, personal, staging
- Never share private keys - Only share public keys
- Rotate keys regularly - At least once per year
- Keep backups - Store a secure backup of important keys
Related Topics¶
- Authentication Guide - How to use keys with tunnels
- Settings Reference - Configure key preferences
- Troubleshooting - Solve key-related problems
Need Help?¶
Documentation¶
Support¶
- 🐛 GitHub Issues: https://github.com/stormtunnel/stormtunnel-macos/issues
- 💬 Community: stormtunnel.app/community