Home
How to generate SSH keys on Windows
Windows 11

How to generate SSH keys on Windows

September 11, 2023

SSH keys allow enhanced security and convenience for authentication. Here’s how you can easily generate SSH keys on Windows

Windows desktop showing Command Prompt and PuTTYgen windows

If you find yourself logging into a remote server on your Windows machine repeatedly, you probably know you need SSH keys. Besides being a more secure way of authentication, SSH keys are more convenient than conventional passwords, and offer a variety of additional benefits. Generating SSH keys on Windows 11 is fairly simple and you can do it in a number of ways, based on your preferences and what system you’re used to. So, let’s get into the various methods you can use to generate SSH keys on Windows.

Generate SSH keys on Windows using Command Prompt

Using the Command Prompt is the simplest and most recommended way of generating a pair of SSH keys on Windows. It involves using the built-in SSH client on Windows without the need for additional tools. You can follow the steps below to quickly generate your SSH keys:

  1. Open a Command Prompt window by typing cmd in the search bar, and clicking the top result.
  2. Type the command ssh-keygen and press Enter.
    Command Prompt window showing ssh-keygen command
  3. You’ll be prompted to enter the location and file name for storing your key. You can enter a custom path here or simply type a file name alone to store it in the default location (C:Users[username]).
    Command Prompt window showing save location of SSH key
  4. Next, you’ll be asked to enter a passphrase. Enter a passphrase to secure your key. If you don’t want a passphrase, you can just press Enter to save the key without a password. Press Enter again to confirm.
    Command Prompt-windows showing passphrase input
  5. A message will confirm that your identification (private key) and public key have been saved, with some more details about the keys shown on screen. You can now close the window.
    Command Prompt window showing completion of SSH key generation

You can now find the SSH key in the location you chose to store it. It’s also possible to generate different keys for logging into different servers or locations. Simply repeat the process above and name the keys accordingly to identify their intended use.

Generate SSH keys on Windows using PuTTY

PuTTY used to be a popular tool to communicate with a server on Windows. One of its components was PuTTYgen which is still used to generate SSH keys on Windows, macOS, and Linux. If you already have PuTTY on your system or would like to use a graphical interface to generate your SSH keys on Windows, this method is perfect for you.

  1. Download PuTTY for Windows and install it on your computer.
  2. Search for PuTTYgen in the search bar and launch it.
  3. Before you generate your SSH keys, you can select the type of key to generate. RSA is selected by default and if you want to use that, enter 4096 in Number of bits in a generated key. You can also choose EdDSA as it’s another popular encryption method. If you do so, make sure Ed25519 is selected in the drop-down that appears on the bottom-right of the window.
    PuTTYgen window showing choice of encryption for SSH key generation
  4. You can now click Generate to start the process. As PuTTYgen generates the SSH keys, it’ll prompt you to move your cursor over the blank area to create more randomness during the key generation.
    PuTTYgen window showing SSH keys being generated
  5. Once the process is complete, you can click Save public key to save it where you want with the extension .pub.
    PuTTYgen window showing saving of public key to the computer
  6. For the private key, click the Conversions tab at the top and click Export OpenSSH key to save your private key as an SSH key instead of the default PPK key. Then, save the private key where you want without any file extension.
    PuTTYgen window showing saving of private key

Generate SSH keys on Windows using WSL

The Windows Subsystem for Linux (WSL) allows you to run Linux within your regular Windows environment as if it were any other Windows application. Windows 11 comes built-in with WSL you simply need to setup and install WSL 2 on your Windows 10 or Windows 11 computer to start using it. If you’re already familiar with the WSL environment, the following method will allow you to easily generate a pair of SSH keys using a terminal window.

  1. Open a command prompt window inside WSL.
  2. To create an RSA-4096 key, type ssh-keygen -t rsa -b 4096 “[email protected]and press Enter. The exact same prompts to enter the file location and passphrase, as shown in the Windows Command Prompt method, will be shown next.
  3. To create an Ed25519 key, type ssh-keygen -t ed25519 -C “[email protected]and press Enter. Again, enter the file location and passphrase you want, or simply press Enter to use the defaults.
  4. Whichever key you generate, adding your email address as an identifier at the end of the command is recommended to help identify the respective keys.

You don’t need to add an email address identifier in the Windows Command Prompt as Microsoft uses your username and PC name automatically.

Why do you need SSH keys?

Securely logging into a remote server can be done in the traditional way with a username and password pair. However, using SSH keys provides considerable advantages over this method, ranging from security and convenience to customization. When you generate SSH keys, you actually create a pair of keys consisting of a public and private key. The public key then resides on the server end and during authentication, connects to your private key residing on your machine via an SSH client. If the keys match up, access is granted.

Wikimedia Commons”” data-modal-id=”single-image-modal” data-modal-container-id=”single-image-modal-container” data-img-caption=”null”>

Asymmetric encryption illustration shown by snapping of padlocks
  • SSH keys are much more secure than passwords that can be broken with brute force attacks. Owing to strong encryption, SSH keys are virtually unbreakable.
  • Besides security, SSH keys are much more convenient to use as compared to entering passwords multiple times, enabling automated login. You can even integrate them with single sign-on systems (SSO) to access multiple servers with the same key.
  • You can create different SSH key pairs for different uses, giving you additional flexibility for access control

SSH keys are a great way to authenticate server login for you and other users on Windows. Coupled with other security improvements in Windows 11, SSH keys enhance the security and efficiency of remote server access on Windows. Whether you’re using Windows 11, WSL, or running a Windows virtual machine, the methods above should be more than enough for you to easily create and manage your SSH keys.