Generate new ssh keys in Windows 10 / 11
Windows 10Ssh KeysSsh KeygenWindows 11Windows 10 Problem Overview
I am having a really hard time getting my SSH keys up and running after installing Windows 10. Normal method is create it and throw it in the user's account under .ssh
. But this folder does not appear to be available in Windows 10.
I need to have 3 SSH keys for different repos.
Windows 10 Solutions
Solution 1 - Windows 10
- Open the windows command line (type "cmd" on the search box and hit enter).
- It'll default to your home folder, so you don't need to
cd
to a different one. - Type
ssh-keygen
(if not found, check here) - Leave the first parameter empty(default), enter a password if you like, or leave it empty
- Your ssh keys should be stored at chosed directory, the default is:
/c/Users/YourUserName/.ssh/id_rsa.pub
p.s.: If you installed git with bash integration (like me) open "Git Bash" instead of "cmd" on first step
Solution 2 - Windows 10
2019-04-07 UPDATE: I tested today with a new version of windows 10 (build 1809, "2018 October's update") and not only the open SSH client is no longer in beta, as it is already installed. So, all you need to do is create the key and set your client to use open SSH instead of putty(pagent):
- open command prompt (cmd)
- enter
ssh-keygen
and press enter - press enter to all settings. now your key is saved in c:\Users<your user>.ssh\id_rsa.pub
- Open your git client and set it to use open SSH
I tested on Git Extensions and Source Tree and it worked with my personal repo in GitHub. If you are in an earlier windows version or prefer a graphical client for SSH, please read below.
2018-06-04 UDPATE:
On windows 10, starting with version 1709 (win+R and type winver
to find the build number), Microsoft is releasing a beta of the OpenSSH client and server.
To be able to create a key, you'll need to install the OpenSSH server. To do this follow these steps:
- open the start menu
- Type "optional feature"
- select "Add an optional feature"
- Click "Add a feature"
- Install "Open SSH Client"
- Restart the computer
Now you can open a prompt and ssh-keygen
and the client will be recognized by windows. I have not tested this.
If you do not have windows 10 or do not want to use the beta, follow the instructions below on how to use putty.
ssh-keygen
does not come installed with windows. Here's how to create an ssh key with Putty:
- Install putty
- Open PuttyGen
- Check the Type of key and number of bytes to use
- Move the mouse over the progress bar
- Now you can define a passphrase and save the public and private keys
For openssh keys, a few more steps are required:
- copy the text from "Public key for pasting" textbox and save it as "id_rsa.pub"
- To save the private key in the openssh format, go to Conversions->Export OpenSSH key ( if you did not define a passkey it will ask you to confirm that you do not want a pass key)
- Save it as "id_rsa"
Now that the keys are saved. Start pagent
and add the private key there ( the ppk file in Putty's format)
Remember that pagent
must be running for the authentication to work
Solution 3 - Windows 10
WINDOWS: If you have git for windows installed go to its folder.
Look in the bin directory. There is a sh.exe file. Run that.
Then type: > ssh-keygen -t rsa -C "your email here"
Follow through instructions and then type:
> cat ~/.ssh/id_rsa.pub | clip
It copies the key to your clipboard. Now you can paste that public key to the server side.
Solution 4 - Windows 10
- Open the windows command line (type "cmd" on the search box and hit enter).
- It'll default to your home folder, so you don't need to
cd
to a different one. - Type
mkdir .ssh
Solution 5 - Windows 10
Warning: If you are saving your keys under C:/User/username/.ssh ( the default place), make sure to back up your keys somewhere (eg your password manager).
After the most recent Windows 10 Update (version 1607), my .ssh folder was empty. This is where my keys have always been, but Windows decided to delete them when updating.
Thankfully I had backed up my keys... But... I bet some people will be reverting their PC's today.
Solution 6 - Windows 10
I'm running Microsoft Windows 10 Pro, Version 10.0.17763 Build 17763, and I see my .ssh folder easily at C:\Users\jrosario\.ssh without having to edit permissions or anything (though in File Explorer, I did select "Show hidden files, folders and drives"):
The keys are stored in a text file named known_hosts, which looks roughly like this:
Solution 7 - Windows 10
I found a notable exception that in Windows 10, using the described route only wrote the files to the folder if the file names where not specified in the ssh-keygen generator.
giving a custom key name caused the files containing the RSA public and private keys not to be written to the folder.
- Open the windows command line
- Type
ssh-keygen
- Leave file name blank, just press return,
- Set your passphrase
- Generate your key files. They will now exist. and be stored in
c:/Users/YourUserName/.ssh/
(using Admin Command Line and Windows 10 Pro)
Solution 8 - Windows 10
Create private/public key:
- Open up terminal (
git bash
,PowerShell
,cmd.exe
etc.) - Type in
ssh-keygen
- Press enter for default file save (
~/.ssh/id_rsa
) - Press enter for default passphrase (no passphrase)
- Press enter again
- Look at the output and make sure that the
RSA
is3072
or above
You have now created a private/public key pair.
For GIT the key must have a strength of 2048
, must be located in the users .ssh
directory and be called id_rsa
and id_rsa.pub
. When pasting the keys anywhere make sure to use a program that does not add new lines like VIM.
Solution 9 - Windows 10
Also, you can try (for Windows 10 Pro)
Run Powershell as administrator and type ssh-keygen -t rsa -b 4096 -C "[email protected]"
Also, you can try to run ssh-keygen
from Git Bash terminal
Solution 10 - Windows 10
If you have Windows 10 with the OpenSSH client you may be able to generate the key, but you will have trouble copying it to the target Linux box as the ssh-copy-id command is not part of the client toolset.
Having has this problem I wrote a small PowerShell function to address this, that you add to your profile.
function ssh-copy-id([string]$userAtMachine, [string]$port = 22) {
# Get the generated public key
$key = "$ENV:USERPROFILE" + "/.ssh/id_rsa.pub"
# Verify that it exists
if (!(Test-Path "$key")) {
# Alert user
Write-Error "ERROR: '$key' does not exist!"
}
else {
# Copy the public key across
& cat "$key" | ssh $userAtMachine -p $port "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys || exit 1"
}
}
You can get the gist here
I have a brief write up about it here
Solution 11 - Windows 10
I finally got it to work by running opening command line with "Run a Administrator" even though I was already admin and could create directory manually
Solution 12 - Windows 10
All these answers generate default keys that are not secure enough. This answer suggests ONE (1 of MANY) ways to generate SAFE keys. I would rather use my answer over other answers on this page ... by far...
ssh-keygen -t rsa -b 4096