How to Generate SSH Key in Windows 10 or 11

May 28, 2024

Introduction

Secure Shell (SSH) is a method for establishing a secure connection between two computers. Key-based authentication uses a key pair, with the private key on a remote server and the corresponding public key on a local machine. When the keys match, access is granted to the remote user.

This guide will show you how to generate an SSH key pair in Windows.

Tutorial on how to generate SSH keys in Windows.

Prerequisites

  • A system running Windows 10 or Windows 11.
  • A user account with administrative privileges.
  • Access to the command prompt.
  • A web browser to download PuTTY.

Generate SSH Key Pair in Windows via OpenSSH (ssh-keygen)

ssh-keygen is a command-line tool that is used to generate, manage, and convert SSH authentication keys. As of Windows 10, the OpenSSH client is included by default, which means you can use it directly from the Command Prompt or PowerShell.

Follow the steps below to use ssh-keygen for generating a key pair.

Step 1: Verify if OpenSSH Client is Installed

Start by checking to see if you have the OpenSSH client installed:

1. Open Settings and click System in the left panel.

2. Scroll down and click the Optional features heading.

Open the optional features setting in Windows.

3. Scroll down the list to see if OpenSSH Client is listed. If it is there, then OpenSSH has already been installed on your system, and you can move on to the next section.

If OpenSSH Client is not in the Added features list, click the View features button at the top to install OpenSSH Client.

View optional features in Windows.

4. Type OpenSSH in the search bar and check the box next to OpenSSH Client. Then, click Next to install the feature.

Add the OpenSSH Client feature in Windows.

5. In the next window, click the Add button to confirm that you want to install OpenSSH Client.

Install OpenSSH Client.

Wait for the installation to complete, and you can move on to the next section.

Step 2: Use OpenSSH to Generate an SSH Key Pair

Follow the steps below to generate an SSH key pair via OpenSSH:

1. Press the Windows key and type cmd. Press Enter to open the Command Prompt.

2. In the command prompt, run the following command:

ssh-keygen

3. You can use the default name for the keys, or you can choose more descriptive names to help you distinguish between keys if you are using multiple key pairs. To stick to the default option, press Enter.

Note: If a file with the same name already exists, you will be asked whether you want to overwrite the file.

4. When prompted, enter a passphrase or hit Enter to skip this step. Repeat the process when prompted to re-enter the passphrase.

5. The system generates the key pair and displays the key fingerprint and a randomart image:

Generate an SSH key pair in Windows using ssh-keygen.

Generate SSH Key Pair in Windows via PuTTY

Before OpenSSH was included with Windows, the PuTTY tool was the gold standard for generating SSH keys. This section shows how to generate SSH keys with PuTTY.

Step 1: Install PuTTY

Follow the steps below to install PuTTY on Windows:

1. Open a web browser and navigate to the PuTTY download page. Download the MSI (Windows installer) for your system architecture (x86 or x64).

2. Double-click the downloaded file to start the installation wizard and the PuTTY Welcome screen appears. Click Next to start the installation.

PuTTY welcome screen.

3. Select the destination folder. Use the default installation configuration unless you have a specific need to change it. Click Next to move on to the next screen.

Choose PuTTY installation directory.

4. Select which PuTTY product features to install. If you do not have any specific needs, stick to the defaults. Click Next to proceed to the next screen.

Select which PuTTY features to install.

5. Once the process completes, click Finish to exit the installation wizard.

Complete PuTTY installation.

Step 2: Create SSH Keys with PuTTY

The process outlined below will generate RSA keys, a classic and widely used encryption algorithm. The PuTTY keygen tool offers several other algorithms: DSA, ECDSA, Ed25519, and SSH-1 (RSA). If you require a different encryption algorithm, select the desired option under the Parameters heading before generating the key pair.

The following table sums up the key differences between the available algorithms:

AlgorithmKey Size (bits)Security LevelSpeedUse CaseStrengthsWeaknesses
RSA1024 - 4096HighSlowDigital Signatures, TLSWell-studied, widely used.Potentially vulnerable to quantum computing attacks.
DSA1024 - 3072Moderate to HighFastDigital SignaturesFaster than RSA.Fixed key size.
ECDSA256 - 521HighVery FastDigital SignaturesSmaller key size, high security.Complex implementation.
Ed25519256Very HighVery FastDigital SignaturesHigh security, fast, small keys.Newer, not widely supported.
SSH-1 (RSA)768 - 2048Low to ModerateSlowSecure Shell (SSH)Initial SSH protocol.Deprecated, vulnerable.

Follow the steps below to create SSH keys with PuTTY:

1. Press the Windows key and type puttygen. Press Enter to open PuTTY Key Generator.

2. In the PuTTY Key Generator window, click Generate. Move the cursor around in the gray box to fill up the green bar.

Generate an SSH key pair with PuTTY.

3. After the process completes, save the key pair. Click the Save public key button and choose a location to save the key. Give the key a name (e.g., putty_key.pub).

Repeat the process for the private key. You can also set a passphrase to secure the keys additionally.

Save SSH key pair in PuTTY.

Generate SSH Keys in WSL

Windows Subsystem for Linux (WSL) allows users to run a Linux environment without a separate virtual machine or dual booting. To generate SSH keys via WSL, first install the WSL feature on Windows. Our tutorial outlines the step-by-step process for installing WSL on Windows.

After you complete the installation, run the Command Prompt as an administrator and follow the steps below to create an SSH key in WSL:

1. In the WSL terminal, assuming you chose to install Ubuntu in WSL, run the following command:

ssh-keygen -t rsa

2. The system prompts you for the key location and name. Press Enter to accept the default value.

3. The next prompt is the passphrase, which can be left blank. Alternatively, set a passphrase to secure your key by requiring a password whenever it is accessed.

Generate SSH keys with WSL on Windows.

After you enter the necessary information, the utility creates the keys.

Where to Find Generated SSH Keys in Windows

By default, the system saves the keys generated with PuTTY and OpenSSH to C:\Users\your_username\.ssh\id_rsa. To find the keys, open the File Explorer and navigate to that folder.

You should see two files. The identification is saved in the id_rsa file, and the public key is labeled id_rsa.pub. These two files are your SSH key pair.

Note: The public key is identified with the .pub extension. You can use Notepad to see the contents of both the private and public key.

If you used WSL to generate SSH keys, find them in the ~/.ssh directory accessible from the Ubuntu terminal or in the \wsl$\Ubuntu\home\.ssh\ folder accessible with the Windows file explorer.

Conclusion

This article has provided three methods of generating SSH key pairs on a Windows system. Use the SSH keys to connect to a remote system without using passwords.

Next, check out our guide for passwordless SSH login using SSH keys.

Was this article helpful?
YesNo
Bosko Marijan
Having worked as an educator and content writer, combined with his lifelong passion for all things high-tech, Bosko strives to simplify intricate concepts and make them user-friendly. That has led him to technical writing at PhoenixNAP, where he continues his mission of spreading knowledge.
Next you should read
How to Generate & Set Up SSH Keys on Debian 10
September 14, 2020

This article will help system administrators configure SSH Keys on Debian 10. The instructions allow you to...
Read more
How to Set Up Passwordless SSH Login
April 15, 2020

Speed up connecting to remote servers by enabling passwordless SSH login via public key authentication. In...
Read more
How to Enable SSH on Raspberry Pi {Linux, Mac OS, Windows}
February 12, 2020

This article shows you how to enable SSH on your Raspberry Pi using different methods. The guide also...
Read more
19 Common SSH Commands in Linux With Examples
August 25, 2019

Secure Shell is an important protocol for anyone managing and controlling remote machines. This guide covers...
Read more