SSH keys allow for maximum security and ease of authentication. Here’s how to easily generate SSH keys on Windows
If you find yourself logging into a remote server on your Windows machine every now and then, you probably know that you need SSH keys. Besides being a reliable authentication method, SSH keys are simpler than traditional passwords, and offer some additional benefits. Generating an SSH key for Windows 11 is easy and you can do it in several ways, depending on your preferences and the operating system you’re used to. So, let’s dive into the different methods you can use to generate SSH keys on Windows.
Create SSH keys on Windows using Command Prompt
Using Command Prompt is the easiest and most recommended way to generate SSH keys on Windows. It involves using the built-in SSH client on Windows without the need for additional tools. You can follow the steps below to generate your SSH keys quickly:
- Open the Command Prompt window by typing cmd in the search bar, and click the top result.
- Type the command ssh-keygen and press Enter.
- You will be asked to enter a location and file name to save your key. You can enter the path to the file here or just type the file name to save it to a default location (C:Users[username]).
- Next, you will be asked to enter a password. Enter a password to protect your key. If you don’t need a password, you can just press Enter again to save the key without a password. Press Enter again to confirm.
- A message will confirm that your identity (private key) and public key have been saved, with more information about the keys displayed on the screen. Now you can close the window.
You can now access the SSH key from the location you chose to store it. It is also possible to create different keys to log into different servers or locations. Just repeat the above and name the keys according to the target.
Generate SSH keys on Windows using PuTTY
PuTTY was a popular server communication tool on Windows. One of its products was PuTTYgen which is still used to generate SSH keys on Windows, macOS, and Linux. If you already have PuTTY on your machine or want to use the recording interface to generate your own SSH keys on Windows, this method is perfect for you.
- Download PuTTY for Windows and install it on your computer.
- Search for PuTTYgen in the search bar and launch it.
- Before generating your SSH keys, you can select the type of key to generate. RSA is selected by default and if you want to use it, enter 4096 in the Number of bits in the generated key. You can also choose EdDSA as another popular registration method. If you do, make sure that Ed25519 is selected in the drop-down menu that appears on the right side of the window.
- You can now type Create to start the process. When PuTTYgen generates SSH keys, it prompts you to move your cursor to an empty space to randomize the key generation.
- Once the process is complete, you can click Save public key to save it to your desired location with the extension .pub.
- For the private key, click the Conversions tab at the top and click Send OpenSSH key to save your private key as an SSH key instead of the default PPK key. Then, save the private key where you want without adding files.
Generate SSH keys on Windows using WSL
Windows Subsystem for Linux (WSL) allows you to run Linux inside your regular Windows as if it were any other Windows application. Windows 11 comes built with WSL you just need to install and install WSL 2 on your Windows 10 or Windows 11 computer to start using it. If you already know the WSL environment, the following procedure will allow you to easily generate SSH keys using a terminal window.
- Open a command window within WSL.
- To generate an RSA-4096 key, type ssh-keygen -t rsa -b 4096 “[email protected]” and press Enter. The same prompts you to enter the location of the file and the password, as the Windows Command Prompt option, will also be displayed.
- To generate a key for Ed25519, type ssh-keygen -t ed25519 -C “[email protected]” and press Enter. Again, enter the file location and password you want, or just press Enter to use the defaults.
- Whatever you do, adding your email as an identifier at the end of the command is recommended so that you can identify the keys it contains.
You don’t need to add email address in Windows Command Prompt as Microsoft uses your username and PC only.
Why do you need SSH keys?
Securely logging into a remote server can be done traditionally with a username and password. However, using SSH keys offers many advantages over this method, from security and convenience to customization. When you create an SSH key, you create two keys with a public key and a private key. The public key is then hosted on the server end and during authentication, it communicates with your private key hosted on your machine via an SSH client. If the keys match, access is granted.
- SSH keys are more secure than passwords which can be cracked by malicious tools. Thanks to strong encryption, SSH keys are unbreakable.
- Aside from security, SSH keys are easier to use compared to entering passwords multiple times, allowing you to log in. You can combine them with single sign-on (SSO) to access multiple servers with the same key.
- You can create different SSH keys for different applications, giving you more flexibility in controlling access
SSH keys are a great way to authenticate server logins for you and other users on Windows. Combined with other security updates in Windows 11, SSH keys improve security and remote server functionality on Windows. Whether you’re using Windows 11, WSL, or using a Windows machine, the steps above should be enough to easily create and manage your SSH keys.