Skip to main content
GPU Outlet uses SSH for everything interactive — there’s no web shell, no in-browser terminal. You connect with ssh root@host -p port, full stop.

What we store

When you paste a public key into Settings → SSH keys, we store:
  • The literal public-key string (the ssh-ed25519 AAAA… line)
  • A name you provided (macbook-2026)
  • A SHA256 fingerprint (computed server-side for display)
  • A createdAt timestamp
That’s it. We never see your private key. We never ask for it. We never generate keys on your behalf — generating happens on your machine via ssh-keygen.

How injection works

The injection is part of the pod’s first-boot cloud-init script. Every key you have on file at the moment of the rental’s creation is written into /root/.ssh/authorized_keys. Adding a key after a pod starts does NOT retroactively grant access — you’d need to add it manually inside the pod. We strongly prefer Ed25519: 
ssh-keygen -t ed25519 -C "you@gpuoutlet.com"
RSA 4096 also works: 
ssh-keygen -t rsa -b 4096 -C "you@gpuoutlet.com"
We reject anything weaker than RSA 2048 server-side. The API responds 400 weak_key if you try to add it.

Rotation

To rotate:
  1. Generate a new key on your machine
  2. Add it via the dashboard (you’ll have two on file now)
  3. Test launching an instance with both, confirm the new one works
  4. Delete the old key from the dashboard
This window of having both lets you verify before deleting. Don’t reverse the order or you’ll lock yourself out of any new pods until you re-add.

Multiple keys per account

There’s no limit. Real-world examples:
  • One key per machine you SSH from (laptop, workstation, CI runner)
  • One key per teammate, all sharing the account (until we ship Teams — see Teams)
  • One key per CI pipeline
Every key is injected into every new pod. To restrict per-pod access, run your own authorized_keys management inside the pod.

Deletion

Deleting a key in the dashboard:
  • Immediately removes it from our store
  • Does NOT remove it from already-running pods (we don’t have shell access to your pods after boot)
  • Means subsequent pods won’t have it
To revoke access to a running pod, either stop the pod and start a new one, or SSH in and edit /root/.ssh/authorized_keys directly.