Generate new ssh keys in Windows 10 / 11

I am having a really hard time getting my SSH keys up and running after installing Windows 10. Normal method is create it and throw it in the user's account under .ssh. But this folder does not appear to be available in Windows 10.

I need to have 3 SSH keys for different repos.

1. Open the windows command line (type "cmd" on the search box and hit enter).
2. It'll default to your home folder, so you don't need to cd to a different one.
3. Type ssh-keygen(if not found, check here)
4. Leave the first parameter empty(default), enter a password if you like, or leave it empty
5. Your ssh keys should be stored at chosed directory, the default is: /c/Users/YourUserName/.ssh/id_rsa.pub

p.s.: If you installed git with bash integration (like me) open "Git Bash" instead of "cmd" on first step

2019-04-07 UPDATE: I tested today with a new version of windows 10 (build 1809, "2018 October's update") and not only the open SSH client is no longer in beta, as it is already installed. So, all you need to do is create the key and set your client to use open SSH instead of putty(pagent):

1. open command prompt (cmd)
2. enter ssh-keygenand press enter
3. press enter to all settings. now your key is saved in c:\Users<your user>.ssh\id_rsa.pub
4. Open your git client and set it to use open SSH

I tested on Git Extensions and Source Tree and it worked with my personal repo in GitHub. If you are in an earlier windows version or prefer a graphical client for SSH, please read below.

2018-06-04 UDPATE:

On windows 10, starting with version 1709 (win+R and type winver to find the build number), Microsoft is releasing a beta of the OpenSSH client and server. To be able to create a key, you'll need to install the OpenSSH server. To do this follow these steps:

1. open the start menu
2. Type "optional feature"
3. select "Add an optional feature"
4. Click "Add a feature"
5. Install "Open SSH Client"
6. Restart the computer

Now you can open a prompt and ssh-keygen and the client will be recognized by windows. I have not tested this. If you do not have windows 10 or do not want to use the beta, follow the instructions below on how to use putty.

---

ssh-keygen does not come installed with windows. Here's how to create an ssh key with Putty:

1. Install putty
2. Open PuttyGen
3. Check the Type of key and number of bytes to use
4. Move the mouse over the progress bar
5. Now you can define a passphrase and save the public and private keys

For openssh keys, a few more steps are required:

1. copy the text from "Public key for pasting" textbox and save it as "id_rsa.pub"
2. To save the private key in the openssh format, go to Conversions->Export OpenSSH key ( if you did not define a passkey it will ask you to confirm that you do not want a pass key)
3. Save it as "id_rsa"

Now that the keys are saved. Start pagent and add the private key there ( the ppk file in Putty's format)

Remember that pagent must be running for the authentication to work

WINDOWS: If you have git for windows installed go to its folder.

Look in the bin directory. There is a sh.exe file. Run that.

Then type: > ssh-keygen -t rsa -C "your email here"

Follow through instructions and then type:

> cat ~/.ssh/id_rsa.pub | clip

It copies the key to your clipboard. Now you can paste that public key to the server side.

1. Open the windows command line (type "cmd" on the search box and hit enter).
2. It'll default to your home folder, so you don't need to cd to a different one.
3. Type mkdir .ssh

Warning: If you are saving your keys under C:/User/username/.ssh ( the default place), make sure to back up your keys somewhere (eg your password manager).

After the most recent Windows 10 Update (version 1607), my .ssh folder was empty. This is where my keys have always been, but Windows decided to delete them when updating.

Thankfully I had backed up my keys... But... I bet some people will be reverting their PC's today.

I'm running Microsoft Windows 10 Pro, Version 10.0.17763 Build 17763, and I see my .ssh folder easily at C:\Users\jrosario\.ssh without having to edit permissions or anything (though in File Explorer, I did select "Show hidden files, folders and drives"):

The keys are stored in a text file named known_hosts, which looks roughly like this:

I found a notable exception that in Windows 10, using the described route only wrote the files to the folder if the file names where not specified in the ssh-keygen generator.

giving a custom key name caused the files containing the RSA public and private keys not to be written to the folder.

• Open the windows command line
• Type ssh-keygen
• Leave file name blank, just press return,
• Set your passphrase
• Generate your key files. They will now exist. and be stored in c:/Users/YourUserName/.ssh/

(using Admin Command Line and Windows 10 Pro)

Create private/public key:

1. Open up terminal (git bash, PowerShell, cmd.exe etc.)
2. Type in ssh-keygen
3. Press enter for default file save (~/.ssh/id_rsa)
4. Press enter for default passphrase (no passphrase)
5. Press enter again
6. Look at the output and make sure that the RSA is 3072 or above

You have now created a private/public key pair.

For GIT the key must have a strength of 2048, must be located in the users .ssh directory and be called id_rsa and id_rsa.pub. When pasting the keys anywhere make sure to use a program that does not add new lines like VIM.

Also, you can try (for Windows 10 Pro) Run Powershell as administrator and type ssh-keygen -t rsa -b 4096 -C "[email protected]"

Also, you can try to run ssh-keygen from Git Bash terminal

If you have Windows 10 with the OpenSSH client you may be able to generate the key, but you will have trouble copying it to the target Linux box as the ssh-copy-id command is not part of the client toolset.

Having has this problem I wrote a small PowerShell function to address this, that you add to your profile.

function ssh-copy-id([string]$userAtMachine, [string]$port = 22) {   
    # Get the generated public key
    $key = "$ENV:USERPROFILE" + "/.ssh/id_rsa.pub"
    # Verify that it exists
    if (!(Test-Path "$key")) {
        # Alert user
        Write-Error "ERROR: '$key' does not exist!"            
    }
    else {	
        # Copy the public key across
        & cat "$key" | ssh $userAtMachine -p $port "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys || exit 1"      
    }
}

You can get the gist here

I have a brief write up about it here

I finally got it to work by running opening command line with "Run a Administrator" even though I was already admin and could create directory manually

All these answers generate default keys that are not secure enough. This answer suggests ONE (1 of MANY) ways to generate SAFE keys. I would rather use my answer over other answers on this page ... by far...

ssh-keygen -t rsa -b 4096