How to Generate SSH Keys on Windows

SSH is an acronym for Secure Socket Shell Key Management, also called Secure Shell Management which is a method that is employed to establish a secure connection between two computers.

It is identified as a special network protocol that leverages public-key cryptography to enable authorized users to remotely access a computer or other device via access credentials called SSH keys.

SSH works when a key pair is used to make authentications, with a private key on a remote server and the corresponding public key on a local machine. The private key should be encrypted and kept secret, while the public key may be distributed to permit secure access to remote computers. When these keys match, the remote user is granted the needed access.

Method #1. How to Generate SSH Keys in OpenSSH

Requirements:

• A system running Windows 10
• A user account with administrative privileges
• Access to the Command prompt
• A web browser (optional but necessary for the PuTTY method)

Step #1: Verify if OpenSSH Client is Installed on your Personal Computer or Desktop.

To do this follow the instructions below:

• Open the Settings panel, then go to Apps.
• In the Apps and Features heading, click ‘Optional Features’
• Scroll down the list that appears to see if OpenSSH Client is listed. If it’s not enlisted, it means you need to install it.
• So, click the ‘plus-sign’ next to Add a feature.
• Scroll through the list and select OpenSSH Client.
• Then click install

Step #2: Open Command Prompt

• Next, Press the Windows key.
• Type ‘cmd’
• Under Best Match, right-click ‘Command Prompt’
• Click Run as Administrator.

If prompted, you will be asked “Do you want to allow this app to make changes to your device? Click ‘Yes’.

Step #3: Use OpenSSH to Generate SSH Keys

In the command prompt that pops, type the following:

• By default, the system will save the keys to C:\Users\your_username/.ssh/id_rsa. You can use the default name, or you can choose more convenient and descriptive names. This will help you distinguish between keys
• If you are using multiple key pairs. Press Enter, to stick to the default option.
• When asked to enter a passphrase. Press Enter, to skip this step. The system will generate the key pair, and display the key fingerprint and a random art image.
• Open your file browser and navigate to C:\Users\your_username/.ssh.
• You should see two files. The identification usually is saved in the id_rsa file and the public key is labeled id_rsa.pub. This is your “SSH key pair”

Likewise, the public key is normally identified with the .pub extension. You can use Notepad to see the contents of both the private and public key.

Method #2: Generate SSH Keys Using PuTTY

Before the first method to generate SSH Keys via OpenSSH was included with Windows, the PuTTY tool was the standard way to generate SSH keys.

PuTTY is a Free, Open Source software, that is easily obtained from the PuTTY latest release page.

• Once PuTTY is installed, press the Windows key or open the Windows and type “puttygen” to open the “PuTTYgen” app.
• In the PuTTY Generator window, ensure that “RSA” found at the bottom of the window is selected, then click “Generate”.
• Move your mouse cursor over the gray area to fill the green bar.
• You will need the public key written at the top of the window for your authorized_keys file. This is because the PuTTY software does not save the public key for you.
  
  You can copy and paste it directly to your authorized_keys file or paste this key into a notepad document for safekeeping to use later.
• Once you copy your public key from the PuTTY Key Generator, the private key needs to be saved.
• Click the “conversions” menu at the top and choose “Export OpenSSH Key”. To save this key without a passphrase, click “Yes”, after the prompt.
• Choose a location where you wish to save the key and give it a name (e.g. Myputty_key).
• From the PuTTY Key Generator, choose Export OpenSSH Key.
• Your keys are now generated and you can close the PuTTY key generator.

How to Use Your PuTTY Generated Key

To put the generated SSH keys with PuTTY to use, you need to open “Connection” and “Auth” in the PuTTY configuration.

• In the “Private Key file for authentication” select the private key you just saved.
• In The PuTTY configuration window, you will need to copy your public key to the host you wish to use your keys with in text format, and copying them to a remote host can be done by cut and paste commands.
  
  The public key file can be opened with a text editor and the key may contain numbers, letters, symbols, etc.
• On remote Unix, MacOS, or Linux machines, the public key is required to be placed in a file called ~/.ssh/authorized_keys file using your favorite text editor.
• There can be multiple public keys in the authorized_keys file. So, create the file if it does not exist.
• Your authorized_keys file should be set to owner read/write only (mode 600).

When using your key file with a Windows 10 or 11 host you can similarly put your key into a text file called authorized_keys in a hidden .ssh folder in your user folder.

To ensure you have more security, your authorized_keys file can be set up to – only accept connections from certain IP addresses or hostnames.

Before you go…

Other remote computer systems may require you to add your public key using a different approach. Some cloud or web services such as GitHub may ask you to copy your public key into a secure dialog box. Always make sure that you only give out your public key to services that you feel are reliable.

FAQs