GENERATE
curl k3y.sh/pw strong password (?len=20&symbols=false)
curl k3y.sh/passphrase diceware words (?words=5)
curl k3y.sh/ssh SSH ed25519 keypair (/rsa for RSA)
curl k3y.sh/wg WireGuard keypair
curl k3y.sh/age age keypair
curl k3y.sh/tls?cn=foo.dev self-signed cert+key
curl k3y.sh/token url-safe token (/hex/32 /uuid /totp /jwt-secret)
VERIFY
curl k3y.sh/hostkey/github.com SSH host-key fingerprint
curl k3y.sh/cert/example.com TLS cert details
curl --data-binary @k.pub k3y.sh/fp fingerprint a public key
curl --data-binary @t.jwt k3y.sh/jwt decode a JWT
CHECK (your secret never leaves your machine)
echo -n 'hunter2' | sha1sum then:
curl k3y.sh/pwned/ breach check via k-anonymity