Hey there! Welcome to Hostman! 🎉

How to Generate an SSH Key for Windows: a Step-by-Step Guide

06.02.2024
Reading time: 4 min
Hostman Team
Technical writer

SSH is an application layer network protocol used to connect to the server securely and manage it by remotely executing commands in the computer terminal. 

You can use passwords or SSH keys to connect to a server via SSH. In this article, we will look at how to generate SSH keys in the Windows operating system.

The advantage of the SSH keys method of connection is that it cannot be hacked, unlike a password.

To connect to the server, you will need two SSH keys:

  • Public key that is stored on the server in a specific directory. It is a combination of characters that encrypts data when accessing the server.

  • Private key that is an encrypted key stored on the client computer. It decrypts the received data. When generating it, you can add a passphrase for additional protection.

When connecting to the server, the system will check the SSH keys. The server will allow the connection if the public key matches the private key.

To fully use SSH keys' security advantages, we recommend disabling password authentication.

Generating SSH keys in Windows

There are two methods for generating SSH keys in Windows: using the OpenSSH client or the PuTTY client. 

The first method is more convenient and can be used on the newer Windows versions (starting from Windows 10) that have Windows PowerShell installed.

If your system doesn't have PowerShell, you can either install it from the Microsoft official website or use the second method: PuTTY.

OpenSSH client

  1. Right-click on the Start menu and select Windows PowerShell.

  2. In the PowerShell terminal run the command:

ssh-keygen

The system will prompt you to enter the path to the folder for storing the keys. Press Enter to save the keys in the default directory (.../.ssh/id_rsa).

Next, you'll be asked to enter the passphrase for the key. The passphrase strengthens the security, but keep in mind that you'll have to enter it every time you connect to the server.

To skip setting the passphrase, press Enter twice.

Image7

You can check that all keys have been successfully generated by navigating to the C:\Users\username\.ssh directory (or a different one if you changed the directory when prompted).

Image4

As you can see from the picture above, we have both keys saved.

Let's move on to the second method and look at how to generate SSH keys on Windows using PuTTY.

PuTTY

The PuTTY client was popular when OpenSSH was not available on Windows. But it is still in use today. It is freely available on the developer's official website

Below are the detailed instructions on how to generate SSH keys on Windows 11 with PuTTY.

  1. First, you need to download the PuTTY .msi installer from the official website.

  2. Run the installer and go through the steps with the Setup Wizard. The setup is simple: you can just click Next until the process is complete.

Image1

  1. Search for the PuTTYgen app on your computer and run it.

  2. You can change the parameters if you need specific ones but for most cases you can use the default values (RSA and 2048 bits).

Image3

  1. Click Generate and start randomly moving your mouse pointer in the gray area. This will improve the security of the generated key by creating randomness.

Image6

  1. After the generation is complete, click the Save public key and Save private key buttons and save the keys in your preferred directory. You can set any names for the keys, for example, id_rsa.pub and privatekey.ppk.

Image2

Now, you can close the PuTTYgen window.

You can navigate to the directory to confirm that the keys are successfully saved.

Image5

As we can see, the keys have been successfully saved on the local machine. 

Conclusion

In this tutorial, we have considered two methods of generating SSH keys in Windows. The OpenSSH method can be used in the modern Windows versions and allows you to generate SSH keys in the Windows command line: PowerShell. The second method, PuTTY, works for older versions of Windows.

To connect to the server, you need to copy the created public key onto it. Then, when you try to connect to the server, the system will check the public key on the server side against the private key on the client side. 

If you use Hostman servers, you can add the generated public key to the SSH keys section of your control panel and then easily add it to the servers you create.