You require SSH keys if you frequently log in to distant servers, such as for a self-hosted blog, a Nextcloud installation, or to push your newest modifications to GitHub. Windows 10 and 11 provide an abundance of options for generating fresh keys.
Here are three approaches for creating all the SSH keys you’ll ever require. We will demonstrate how to generate your initial set of keys, as well as extra keys if you wish to generate unique keys for multiple websites.
Option 1: Generate Keys in the Command Line
Since the April 2018 update, Windows 10 includes a built-in OpenSSH client. Windows 11 also includes this capability by default.
To use it, press the Windows key and type “cmd” into the Windows Command Prompt.
Type ssh-keygen and press Enter, whether using Command Prompt or Windows Terminal. This will produce the SSH keys automatically. In our experiments on Windows 11, it generated an RSA key of 2048 bits. If you wish to use a different algorithm, such as Ed25519, which is recommended by GitHub, you would write ssh-keygen -t ed25519.
After you enter your command and press Enter, you will be invited to name and store your shortcut. If you use the default settings, your keys will be saved to C: User[YourUserName].ssh — presuming your user account is located on the C drive.
You will then be prompted to enter a passcode. We strongly advise you to do so to protect your key. If you’re concerned about forgetting your password, check out Review Geek’s compilation of the top password managers. If you truly do not want a passphrase, press Enter.
The keys have been generated, saved, and are ready for use. You will notice that your “.ssh” folder contains two files: “id rsa” without an extension and “id rsa.pub.” The latter is the authentication key you upload to servers, whilst the former is the private key you do not disclose with anyone.
Creating additional keys for different websites is also straightforward. Say you wanted to use the default keys we just produced for a server you have on Digital Ocean, and you also wanted to build a separate set of keys for GitHub. When it was time to save your key, you would use a new name, such as “id rsa github” or something such.
You may repeat this as often as you wish. Keep in mind that the more keys you possess, the more keys you must manage. When upgrading to a new PC, you must transfer these keys along with your other data or risk losing temporary access to your servers and accounts.
Also Read: How to Start Safe Mode in Windows 10?
Option 2: Generate Keys in WSL
If you are a user of WSL, you can employ a similar strategy for your WSL installation. Essentially, it is identical to the Command Prompt version. Why would you wish to perform this action? If Linux is your primary operating system for command line tasks, it makes logical to retain your keys in WSL.
Launch either the Windows Terminal or the Ubuntu command prompt (assuming you installed Ubuntu Linux). Then it is comparable to Windows. Unlike Windows, it is best to indicate whether an RSA or Ed25519 key is desired.
Suppose you desired to generate an RSA-4096 key. You would enter the following command:
It is recommended to provide your email address as an identification; however, this is not required on Windows because Microsoft’s version utilises your username and the name of your PC automatically.
Again, to produce numerous keys for different websites, simply append a suffix such as “_github” to the filename.
Option 3: Key Generation using PuTTY
For many years, PuTTY was the most popular technique to communicate with a Windows server. If you already have this tool installed on your computer, you can use it to generate SSH keys.
PuTTY includes a variety of utility programmes, one of which is the PuTTY Key Generator. To access this file, either press the Windows key and type “puttygen” or search for it in the Start menu.
Once it’s open, you’ll see the various sorts of keys to generate at the bottom of the panel. If you are unsure which algorithm to use, pick “RSA” and enter “4096” in the “Number Of Bits In A Generated Key” field. Another option is to choose “EdDSA” and then select “Ed25519 (255 bits)” from the drop-down menu that appears beneath it.
Now, simply click “Generate” and PuTTY will commence operation. This should not take too long, depending on the strength of your system, and PuTTy will ask you to move the mouse inside the window to generate a bit more randomness for the key.
Click “Save Public Key” to save your public key, and call it “id rsa.pub” or “id ed25519.pub” according on whether you choose RSA or Ed25519 in the previous step.
Obtaining your private key then requires an additional step. PuTTY creates PPK keys by default for use with the PuTTy client. If you prefer OpenSSH, however, select Conversions > Export OpenSSH Key at the top of the window and save the file as “id rsa” or “id ed25519” with no file extension.
Regardless of the technique chosen, generating SSH keys is a breeze. We recommend using the Windows Command Prompt unless you already have PuTTY installed, prefer Linux, or are familiar with that operating system.