> ## Documentation Index > Fetch the complete documentation index at: https://docs.neo.projectdiscovery.io/llms.txt > Use this file to discover all available pages before exploring further. # Generate SSH key pair > Generate a new SSH key pair with the specified algorithm. The private key is encrypted and stored server-side. It is never returned to the caller. Only the public key and fingerprint are returned. Supported algorithms: ed25519, rsa-2048, rsa-4096, ecdsa-256, ecdsa-384, ecdsa-521 ## OpenAPI ````yaml https://neo.api.projectdiscovery.io/api/openapi.json post /api/v1/ssh-keys openapi: 3.1.0 info: contact: name: ProjectDiscovery url: https://neo.projectdiscovery.io description: Neo API Server - Security agent orchestration platform license: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0 title: Neo API version: 1.0.0 servers: - description: Production url: https://neo.api.projectdiscovery.io - description: Local development url: http://localhost:8080 security: [] tags: - description: Task execution and management name: Tasks - description: Agent listing and management name: Agents - description: Public agent directory name: Agent Directory - description: User file storage management name: Files - description: User working memory management name: Memory - description: Scheduled and recurring task management name: Schedules - description: Knowledge base and semantic search name: Knowledge - description: Encrypted user credentials and API keys name: Secrets - description: Neo API key management for programmatic access name: API Keys - description: User profile and account information name: User - description: Task and LLM usage tracking name: Usage - description: Bring Your Own Key provider management name: BYOK - description: Model discovery and capabilities name: Models - description: Third-party integrations name: Integrations - description: Skill knowledge documents for agent prompts name: Skills - description: Team management and member invitations name: Teams - description: Prompt library management and discovery name: Prompts - description: Slack bot integration for workspace installation and OAuth name: Slack - description: GitHub integration for PR reviews and repository management name: GitHub - description: Vulnerability issue tracking and management name: Issues - description: Subscription billing and plans name: Billing - description: Project management and member assignments name: Projects - description: SSH key pair generation and management for remote server access name: SSH Keys - description: Codebase structural analysis and mapping name: Codemaps - description: AI-generated codebase documentation and security analysis name: CodeWiki - description: Captured HTTP traffic query and replay name: Network Events paths: /api/v1/ssh-keys: post: tags: - SSH Keys summary: Generate SSH key pair description: > Generate a new SSH key pair with the specified algorithm. The private key is encrypted and stored server-side. It is never returned to the caller. Only the public key and fingerprint are returned. Supported algorithms: ed25519, rsa-2048, rsa-4096, ecdsa-256, ecdsa-384, ecdsa-521 operationId: post-v1-ssh-keys requestBody: content: application/json: schema: $ref: '#/components/schemas/CreateSSHKeyRequest' required: true responses: '201': content: application/json: schema: $ref: '#/components/schemas/SSHKeyResponse' description: SSH key pair generated successfully '400': content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' description: Invalid request '401': content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' description: Unauthorized '409': content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' description: An SSH key with this name already exists security: - BearerAuth: [] - ApiKeyAuth: [] components: schemas: CreateSSHKeyRequest: properties: algorithm: description: >- Key generation algorithm. Required for generated-key auth. Mutually exclusive with password and private_key. enum: - ed25519 - rsa-2048 - rsa-4096 - ecdsa-256 - ecdsa-384 - ecdsa-521 type: string default_host: description: Default SSH host for connections using this key maxLength: 255 type: string default_port: description: Default SSH port (defaults to 22) maximum: 65535 minimum: 1 type: integer default_username: description: Default SSH username for connections using this key maxLength: 128 type: string name: description: >- Unique name for this SSH key (letters, digits, underscores, hyphens, dots only) maxLength: 128 minLength: 1 pattern: ^[A-Za-z0-9][A-Za-z0-9_.-]*$ type: string password: description: >- SSH password for password-based auth. Mutually exclusive with algorithm and private_key. Encrypted at rest. maxLength: 1000 minLength: 1 type: string private_key: description: >- Existing OpenSSH/PEM private key to import. Mutually exclusive with algorithm and password. Encrypted at rest. maxLength: 20000 minLength: 1 type: string private_key_passphrase: description: Optional passphrase for private_key. Used only during import. maxLength: 1000 type: string project_id: description: Optional project ID for project-scoped key format: uuid type: string required: - name type: object SSHKeyResponse: properties: algorithm: enum: - ed25519 - rsa-2048 - rsa-4096 - ecdsa-256 - ecdsa-384 - ecdsa-521 - password type: string auth_type: description: >- Authentication type (key = generated key pair, password = password-based) enum: - key - password type: string created_at: format: date-time type: string default_host: nullable: true type: string default_port: nullable: true type: integer default_username: nullable: true type: string fingerprint: description: SHA256 fingerprint of the public key (null for password auth) nullable: true type: string id: format: uuid type: string name: type: string project_id: format: uuid nullable: true type: string public_key: description: OpenSSH authorized_keys format public key (null for password auth) nullable: true type: string required: - id - name - algorithm - auth_type type: object ErrorResponse: properties: code: description: > Stable machine-readable error code — branch on this rather than matching the human `error`/`message` strings. Domain codes include `user_spending_cap_reached`, `project_spending_cap_reached`, and `insufficient_neo_credits`; otherwise it mirrors the error kind (e.g. `forbidden`, `invalid_request`, `not_exists`, `already_exists`). example: user_spending_cap_reached type: string error: example: Bad request type: string error_id: description: Correlation id for a specific error instance, when present. type: string kind: description: Coarse error category (e.g. "forbidden request", "invalid request"). example: forbidden request type: string message: description: | Human-readable detail (the kind prefixed to the error). For display, not for branching. type: string required: - error type: object securitySchemes: BearerAuth: bearerFormat: JWT description: JWT authentication token scheme: bearer type: http ApiKeyAuth: description: Neo API key (neo_sk_* prefix) in: header name: X-Api-Key type: apiKey ````