160

I am having a really hard time getting my SSH keys up and running after installing Windows 10. Normal method is create it and throw it in the user's account under .ssh. But this folder does not appear to be available in Windows 10.

I need to have 3 SSH keys for different repos.

Amin Shojaei
  • 5,451
  • 2
  • 38
  • 46
Rudenate3
  • 1,821
  • 2
  • 12
  • 13

12 Answers12

198
  1. Open the windows command line (type "cmd" on the search box and hit enter).
  2. It'll default to your home folder, so you don't need to cd to a different one.
  3. Type ssh-keygen(if not found, check here)
  4. Leave the first parameter empty(default), enter a password if you like, or leave it empty
  5. Your ssh keys should be stored at chosed directory, the default is: /c/Users/YourUserName/.ssh/id_rsa.pub

p.s.: If you installed git with bash integration (like me) open "Git Bash" instead of "cmd" on first step

Amin Shojaei
  • 5,451
  • 2
  • 38
  • 46
Digital Fun Frenzy
  • 2,053
  • 1
  • 9
  • 2
  • 39
    this looks great except it doesn't work. there is no command `ssh-keygen` – roberto tomás Oct 05 '16 at 23:35
  • 12
    for some reason i had to run the `ssh-keygen` command in the git-bash shell instead of the cmd-shell. – Olian04 Jan 19 '17 at 12:44
  • 6
    For that you can use Git Bash sheel or git cmd , You can not use Windows cmd. – Pavan T May 08 '17 at 06:48
  • This solution was not working for me in Powershell. But once I applied the advice of others in these comments to use the git bash shell instead, it worked great. – J. Garth Sep 10 '17 at 00:20
  • And what about the private keys to connect to other hosts? Should they be in this folder too? – Suncatcher Mar 16 '18 at 10:13
  • 7
    As of Dec 2018, it worked out of the box in Win 10 for me – Urs Dec 23 '18 at 22:41
  • 1
    @Suncatcher Yes. For logging into Github, DigitalOcean, etc. you need the public key which is in "id_rsa.pub" in the same folder. Open it with a text editor like notepad and copy and paste wherever you need to add your SSH key. – Goose Jan 05 '19 at 23:14
  • Incase anybody still does not know, for it to work in CMD you need OpenSSH installed, i think it is standard now. – Nico Bleiler Jun 12 '19 at 12:28
  • 1
    Last Windows version as of 12/11/2019, has ssh-keygen command, so worked perfectly. – Máxima Alekz Dec 12 '19 at 02:14
  • Worked for me with Windows 10 cmd-shell. I needed to start it as administrator to generate the key. – Viktor Be Jan 11 '20 at 12:27
  • 1
    The easiest way to copy to clipboard is running `cat ~/.ssh/id_rsa.pub | clip` – Leo Caseiro Jan 30 '20 at 23:46
  • This answer is incomplete and does not state how to generate very secure keys. – avia May 15 '21 at 21:56
63

2019-04-07 UPDATE: I tested today with a new version of windows 10 (build 1809, "2018 October's update") and not only the open SSH client is no longer in beta, as it is already installed. So, all you need to do is create the key and set your client to use open SSH instead of putty(pagent):

  1. open command prompt (cmd)
  2. enter ssh-keygenand press enter
  3. press enter to all settings. now your key is saved in c:\Users\.ssh\id_rsa.pub
  4. Open your git client and set it to use open SSH

I tested on Git Extensions and Source Tree and it worked with my personal repo in GitHub. If you are in an earlier windows version or prefer a graphical client for SSH, please read below.

2018-06-04 UDPATE:

On windows 10, starting with version 1709 (win+R and type winver to find the build number), Microsoft is releasing a beta of the OpenSSH client and server. To be able to create a key, you'll need to install the OpenSSH server. To do this follow these steps:

  1. open the start menu
  2. Type "optional feature"
  3. select "Add an optional feature"
  4. Click "Add a feature"
  5. Install "Open SSH Client"
  6. Restart the computer

Now you can open a prompt and ssh-keygen and the client will be recognized by windows. I have not tested this. If you do not have windows 10 or do not want to use the beta, follow the instructions below on how to use putty.

ssh-keygen does not come installed with windows. Here's how to create an ssh key with Putty:

  1. Install putty
  2. Open PuttyGen
  3. Check the Type of key and number of bytes to usePuttyGen parameters
  4. Move the mouse over the progress bar generating key with mouse input
  5. Now you can define a passphrase and save the public and private keys key created dialog

For openssh keys, a few more steps are required:

  1. copy the text from "Public key for pasting" textbox and save it as "id_rsa.pub"
  2. To save the private key in the openssh format, go to Conversions->Export OpenSSH key ( if you did not define a passkey it will ask you to confirm that you do not want a pass key) menu for converting key to OpenSSH format
  3. Save it as "id_rsa"

Now that the keys are saved. Start pagent and add the private key there ( the ppk file in Putty's format) pagent keys dialog

Remember that pagent must be running for the authentication to work

franksands
  • 1,748
  • 16
  • 21
  • 7
    ssh-keygen is included in windows 10, not sure which version, in "Manage Optional Features" – sebbu May 25 '18 at 10:53
  • 1
    @sebbu Indeed, Now on windows 10 you can install a beta of the Open SSH Server in the "Manage Optional Features" and that will get you ssh-keygen along with a few other things. But it doesn't come installed and it's not exactly easy to find. I'll update my answer. – franksands Jun 04 '18 at 23:11
  • 1
    @KarlMorrison pagent is the gui to perform the ssh authentication. it's usually found in the start menu. – franksands Jun 04 '18 at 23:15
  • 1
    You do not need to install the Open SSH Server. The Open SSH Client feature includes ssh-keygen. – Onots Nov 11 '18 at 03:13
  • 1
    @Onots I tested with a new version of windows 10 (2018 October update) and not only open ssh client is enough, but it already comes installed :D I'll update my answer – franksands Apr 07 '19 at 17:27
  • This answer is incomplete and does not state how to generate very secure keys. – avia May 15 '21 at 21:56
  • @avia What part of the answer is incomplete? What do mean by "not very secure" keys? – franksands May 17 '21 at 10:56
  • 1
    @franksands Thanks for the reply. What I mean by that, is that more secure keys could be generated using optional attributes. You could read ssh-keygen man page to learn more. – avia May 23 '21 at 05:02
  • upvote for the udpate. could you elaborate how to do step 4 Open your git client and set it to use open SSH? What's git client? i just want to see my public key. – K Y Jun 01 '21 at 19:23
  • @K Y it depends on the client you use. I tested at the time with Git Extensions and source tree. I currently don't have that setup anymore, but I'll try to set it up and test it again – franksands Jun 02 '21 at 21:33
37

WINDOWS: If you have git for windows installed go to its folder.

enter image description here

Look in the bin directory. There is a sh.exe file. Run that.

enter image description here

Then type:

ssh-keygen -t rsa -C "your email here"

Follow through instructions and then type:

cat ~/.ssh/id_rsa.pub | clip

It copies the key to your clipboard. Now you can paste that public key to the server side.

Daniel
  • 2,028
  • 20
  • 18
12
  1. Open the windows command line (type "cmd" on the search box and hit enter).
  2. It'll default to your home folder, so you don't need to cd to a different one.
  3. Type mkdir .ssh
aruanoc
  • 817
  • 1
  • 7
  • 9
11

Warning: If you are saving your keys under C:/User/username/.ssh ( the default place), make sure to back up your keys somewhere (eg your password manager).

After the most recent Windows 10 Update (version 1607), my .ssh folder was empty. This is where my keys have always been, but Windows decided to delete them when updating.

Thankfully I had backed up my keys... But... I bet some people will be reverting their PC's today.

Andrew
  • 18,680
  • 13
  • 103
  • 118
11

I'm running Microsoft Windows 10 Pro, Version 10.0.17763 Build 17763, and I see my .ssh folder easily at C:\Users\jrosario\.ssh without having to edit permissions or anything (though in File Explorer, I did select "Show hidden files, folders and drives"): enter image description here

The keys are stored in a text file named known_hosts, which looks roughly like this: enter image description here

ShieldOfSalvation
  • 1,297
  • 16
  • 32
7

I found a notable exception that in Windows 10, using the described route only wrote the files to the folder if the file names where not specified in the ssh-keygen generator.

giving a custom key name caused the files containing the RSA public and private keys not to be written to the folder.

  • Open the windows command line
  • Type ssh-keygen
  • Leave file name blank, just press return,
  • Set your passphrase
  • Generate your key files. They will now exist. and be stored in c:/Users/YourUserName/.ssh/

(using Admin Command Line and Windows 10 Pro)

Martin
  • 22,212
  • 11
  • 70
  • 132
  • @Braineeee negative. This will ***NOT*** overwrite your keys, if keys currently exist in the destination then on the Command-line Window it will ask you if you wish to overwrite these keys. Other keys in the same folder **are not effected**. I know as after reading your comment I did a test run and found this to be so. – Martin Apr 17 '17 at 21:09
  • Did you ever figure out why? – Damainman Oct 19 '17 at 03:07
  • @Damainman unfortunately I've not yet had a chance to explore this more, so no `:-/` – Martin Oct 30 '17 at 13:15
  • 1
    Thanks @Martin you saved my day. I am able to create the files with different named. We have to provide the path separator in unix way! The following worked for me. ssh-keygen -t ed25519 -C "My Github Key" Enter file in which to save the key (C:\Users\bilix/.ssh/id_ed25519): **c:\users\bilix\.ssh\id_ed25519_github** – Prakash P May 15 '19 at 09:12
6

Create private/public key:

  1. Open up terminal (git bash, PowerShell, cmd.exe etc.)
  2. Type in ssh-keygen
  3. Press enter for default file save (~/.ssh/id_rsa)
  4. Press enter for default passphrase (no passphrase)
  5. Press enter again
  6. Look at the output and make sure that the RSA is 3072 or above

You have now created a private/public key pair.

For GIT the key must have a strength of 2048, must be located in the users .ssh directory and be called id_rsa and id_rsa.pub. When pasting the keys anywhere make sure to use a program that does not add new lines like VIM.

basickarl
  • 37,187
  • 64
  • 214
  • 335
4

Also, you can try (for Windows 10 Pro) Run Powershell as administrator and type ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

Also, you can try to run ssh-keygen from Git Bash terminal

chavy
  • 841
  • 10
  • 20
3

All these answers generate default keys that are not secure enough. This answer suggests ONE (1 of MANY) ways to generate SAFE keys. I would rather use my answer over other answers on this page ... by far...

ssh-keygen -t rsa -b 4096

avia
  • 1,527
  • 7
  • 19
2

If you have Windows 10 with the OpenSSH client you may be able to generate the key, but you will have trouble copying it to the target Linux box as the ssh-copy-id command is not part of the client toolset.

Having has this problem I wrote a small PowerShell function to address this, that you add to your profile.

function ssh-copy-id([string]$userAtMachine, [string]$port = 22) {   
    # Get the generated public key
    $key = "$ENV:USERPROFILE" + "/.ssh/id_rsa.pub"
    # Verify that it exists
    if (!(Test-Path "$key")) {
        # Alert user
        Write-Error "ERROR: '$key' does not exist!"            
    }
    else {  
        # Copy the public key across
        & cat "$key" | ssh $userAtMachine -p $port "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys || exit 1"      
    }
}

You can get the gist here

I have a brief write up about it here

Rad
  • 8,336
  • 4
  • 46
  • 45
1

I finally got it to work by running opening command line with "Run a Administrator" even though I was already admin and could create directory manually

adelaidedave
  • 19
  • 1