-
Главная
-
Инструкции
-
Windows
-
Как сгенерировать SSH-ключ для Windows: пошаговая инструкция
SSH — это сетевой протокол прикладного уровня, необходимый для обеспечения безопасного подключения, а после и управления операционной системой. Через него можно удаленно выполнять команды в терминале компьютера. Создать удаленное подключение к серверу через SSH можно с помощью паролей или SSH-ключей. В данной статье мы рассмотрим, как создать ключи в операционной системе Windows.
SSH-ключ в Windows — это один из способов безопасного подключения к удаленному серверу. Преимущество данного метода подключения — это отсутствие возможности взлома, как это происходит с паролем.
Для подключения создаются два SSH-ключа:
- Публичный — ключ, хранящийся на сервере в определенном каталоге. Это комбинация символов, которая шифрует данные при обращении к серверу.
- Приватный — зашифрованный ключ, который располагается на компьютере клиента. Он отвечает за расшифровку полученных данных. При его генерации можно добавить пароль для дополнительной защиты.
Для корректной и полной работы SSH—ключей необходимо будет отключить аутентификацию по паролю.
После создания SSH-ключей в Windows и из сохранении на сервер, при подключении к серверу будет происходить их проверка. Если публичный ключ соответствует приватному, то подключение выполнится.
Существует два варианта генерации SSH-ключей в Windows. Первый — использование OpenSSH клиента, второй — использование клиента PuTTY. Ниже опишем инструкции по созданию ключей, используя и первый, и второй вариант. В качестве операционной системы будет использоваться Windows 10.
OpenSSH клиент
- Для начала нужно проверить установлен ли OpenSSH клиент на Windows 10. Для этого зайдем в «Параметры», а после перейдем во вкладку «Приложения». Далее нажимаем на ссылку «Дополнительные компоненты», как показано на картинке ниже.
В открывшемся окне в строку поиска вводим «Клиент OpenSSH». Если в списке он будет найден, то можно сразу приступать к генерации ключей. Если же он отсутствует, то нужно нажать на кнопку «Добавить компонент», а после найти его и выбрать среди всех доступных, используя строку поиска. Далее останется нажать кнопку «Установить» снизу слева и можно переходить ко второму шагу.
- Теперь нужно открыть командную строку. Для этого открываем диалоговое окно «Выполнить» (комбинация клавиш Win+R), вводим в строку
cmd
и нажимаем кнопку «ОК».
- В открывшемся окне вводим команду:
ssh-keygen
После этого запустится процесс генерации.
В первую очередь пользователю будет предложено ввести путь к папке, в которой будут храниться ключи. Чтобы оставить вариант по умолчанию (.../.ssh/id_rsa
), предложенный системой, нужно нажать клавишу «Enter».
Далее пользователю будет предложено ввести ключевое слово к ключу. Чтобы пропустить этот шаг, нажмите также клавишу «Enter» 2 раза.
- Проверим, что все ключи успешно сгенерированы. Для этого переходим в соответствующий каталог на своем компьютере. У нас это
/.ssh/id_rsa
, так как мы оставили все по умолчанию.
Как видно по картинке выше, ключи сгенерированы успешно.
Переходим к варианту их создания с помощью клиента PuTTY.
PuTTY
Клиент PuTTY был популярным, когда OpenSSH отсутствовал в Windows. Но и сейчас его не перестают использовать. Он находится в свободном доступе на официальном сайте разработчика. Рассмотрим ниже подробную инструкцию по генерации SSH-ключей на Windows 10 в PuTTY.
- Для начала необходимо скачать архив клиента PuTTY с официального сайта.
- После его нужно будет разархивировать и запустить файл
puttygen.exe
от имени администратора. - В открывшемся окне выбираем классический и повсеместно использующийся тип ключа для генерации — RSA. Длину оставляем 2048 бит и нажимаем кнопку «Генерировать».
- Во время генерации нужно водить курсором по серой области внутри окна до заполнения зеленой полоски. Это позволит улучшить защищенность генерируемого ключа, благодаря созданию псевдослучайности.
- После успешной генерации нужно сохранить публичный и приватный ключ на компьютере. Для этого создадим папку на диске.
Ключи успешно созданы и сохранены на локальной машине. На этом этапе их генерация закончена.
Заключение
В данной инструкции были рассмотрены два варианта создания SSH-ключей в Windows. Для подключения к серверу нужно скопировать в него созданный публичный ключ. При попытке соединиться с сервером будет происходить проверка публичного ключа на стороне сервера с приватным на стороне клиента. Если вы пользуетесь облачными серверами Timeweb Cloud, то можете добавить сгенерированный публичный ключ в разделе «SSH-ключи» в панели управления.
Introduction
SSH stands for Secure Shell and is a method used to establish a secure connection between two computers.
SSH works by authenticating based on a key pair, with a private key being on a remote server and the corresponding public key on a local machine. When the keys match, access is granted to the remote user.
This guide will show you how to generate an SSH key pair in Windows 10 using OpenSSH or PuTTY.
Prerequisites
- A system running Windows 10
- A user account with administrative privileges
- Access to the command prompt
- A web browser (optional, to download PuTTY)
Generate an SSH key in Windows 10 with OpenSSH Client
Step 1: Verify if OpenSSH Client is Installed
First, check to see if you have the OpenSSH client installed:
1. Open the Settings panel, then click Apps.
2. Under the Apps and Features heading, click Optional Features.
3. Scroll down the list to see if OpenSSH Client is listed.
- If it’s not, click the plus-sign next to Add a feature.
- Scroll through the list to find and select OpenSSH Client.
- Finally, click Install.
Step 2: Open Command Prompt
1. Press the Windows key.
2. Type cmd.
3. Under Best Match, right-click Command Prompt.
4. Click Run as Administrator.
5. If prompted, click Yes in the Do you want to allow this app to make changes to your device? pop-up.
Step 3: Use OpenSSH to Generate an SSH Key Pair
1. In the command prompt, type the following:
ssh-keygen
2. By default, the system will save the keys to C:\Users\your_username/.ssh/id_rsa. You can use the default name, or you can choose more descriptive names. This can help distinguish between keys, if you are using multiple key pairs. To stick to the default option, press Enter.
Note: If a file with the same name already exists, you will be asked whether you want to overwrite the file.
3. You’ll be asked to enter a passphrase. Hit Enter to skip this step.
4. The system will generate the key pair, and display the key fingerprint and a randomart image.
5. Open your file browser.
6. Navigate to C:\Users\your_username/.ssh.
7. You should see two files. The identification is saved in the id_rsa file and the public key is labeled id_rsa.pub. This is your SSH key pair.
Note: Normally, the public key is identified with the .pub extension. You can use Notepad to see the contents of both the private and public key.
Generate SSH Keys Using PuTTY
Before OpenSSH was included with Windows, the PuTTY tool was the gold standard for generating SSH keys.
Step 1: Install PuTTY
1. Browse to the developer’s page, and download the installer for PuTTY:
- https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
2. Double-click the downloaded file and follow the installation wizard to finish the installation.
- On the initial dialog of the installation wizard, click Next.
- Select the destination folder. Use the default installation configuration unless you have a specific need to change it. Click Next to move on to the next screen.
- Select PuTTY product features to be installed. Stick to the defaults if you do not have any specific needs. Click Next to move on to the next screen.
- Once the process completes, click Finish to exit the installation wizard.
Step 2: Run the PuTTY SSH Key Generator
1. Press the Windows key.
2. Type puttygen.
3. Under Best Match, right-click PuTTYgen.
4. Click Run as administrator.
5. If prompted, click Yes on the Do you want to allow this app to make changes to your device? pop-up.
Step 3: Use PuTTY to Create a Pair of SSH Keys
The process outlined below will generate RSA keys, a classic and widely-used type of encryption algorithm. The PuTTY keygen tool offers several other algorithms – DSA, ECDSA, Ed25519, and SSH-1 (RSA).
If you require a different encryption algorithm, select the desired option under the Parameters heading before generating the key pair.
1. In the PuTTY Key Generator window, click Generate.
2. Move the cursor around in the gray box to fill up the green bar.
3. Save the public key:
- Click the button labeled Save public key.
- Choose a location to save the key.
- Give the key a name (e.g., putty_key.pub)
4. Save the private key:
- Click the Conversions menu at the top.
- Click Export OpenSSH key.
- You’ll be asked if you want to save a key without a passphrase. Click Yes.
- Choose a location to save the key (usually the same folder as the public key).
- Give the key a name (e.g., putty_key).
Using Your SSH Keys
To use your SSH keys, copy your public SSH key to the system you want to connect to. Use your private SSH key on your own system. Your private key will match up with the public key, and grant access.
For further details and troubleshooting, see our guide on paswordless SSH login using SSH keys.
Conclusion
This article has provided two methods of generating SSH key pairs on a Windows 10 system. Use the SSH keys to connect to a remote system without the use of passwords.
To Create SSH Key in Windows, three different methods are available. SSH Key in Windows enables you to establish a secure connection between two computers. The Secure Shell grants access to the remote user by matching the keys. Private and public SSH keys are provided in pairs. SSH uses a key pair for authentication, with the associated private key being stored on a remote server and the corresponding public key being stored on a local workstation (machine). Obviously, the private key is not supposed to be shared and must remain secret and secure. The public key would be placed on the remote server that you’d like to access to be shared.
From a remote location, SSH enables you to transfer files, commands, forward ports, and more. In this article, you will learn How to Create SSH Key in Windows 10/11. To purchase your own Windows VPS and achieve the fastest VPS available in +15 locations, find your considered cheap plan and enjoy our 24/7 support.
Previously on the OperaVPS blog, Linux users became experts in the setup and using SSH Key on their Linux Servers. It is time to help Windows users to find out what are the 3 methods of creating SSH keys in Windows since the first step of using SSH keys is to create them. Join us with this article to review all you need to know to be able to create SSH Key in your Windows.
Prerequisites to Create SSH Key in Windows 10/11
To let this guide work correctly, make sure you have checked the below options.
- A system running Windows 10
- A user account with administrative privileges
- Command prompt accessibility
- An Internet browser (optional, to download PuTTY)
1. How to Generate an SSH key in Windows 10/11
The first method we are going to discuss is Generating an SSH key in Windows with OpenSSH Client. To do this, you need to Check if the OpenSSH Client is installed or not.
First, open Settings and click Apps.
Then, click Optional Features to go on.
At the end of the list, you can verify if OpenSSH Client is listed or not. If it has not been generated yet, click the plus-sign next to Add a feature. Finally, find and select OpenSSH Client to click Install.
At this point, to open Command Prompt, follow the below path.
Press the Windows Key>type cmd>Right click Command Prompt>Click Run as Administrator
Note: You will be asked ‘’Do you want to allow this app to make changes to your device?’’ Click Yes on this pop-up to continue.
Now, you are ready to use OpenSSH to generate an SSH Key Pair. Once the command prompt is opened, run the command below and hit Enter. You can do this with both the Command prompt and Windows Terminal.
ssh-keygen
In this way, the SHH Key would be generated automatically. To use another algorithm, you can refer to Generate a new SSH Key on GitHub.
When you are prompted to choose a name for your Key and save it in a specific location, you can use the default name or write down your own. If you are using multiple Key pairs, you are recommended to give different names to keys to be able to distinguish between keys later. However, the system will save the keys to C:\Users\your_username/.ssh/id_rsa.
Next, you will be asked to enter a passphrase. We recommend you do this and secure your key. But if you do not prefer this, just hit Enter to skip this step.
As a result, the Key pair would be generated by the system, and you can see the key fingerprint and a random art image. So, to navigate to C:\Users\your_username/.ssh, open your file browser.
Two files will be displayed. Usually, the public key is identified with the .pub extension. The identification is saved in the id_rsa file and the public key is labeled id_rsa.pub. This is your SSH key pair. To check the content of both the private and public keys, use Notepad.
2. How to Generate SSH Keys in Windows 10/11 Using PuTTY
Before OpenSSH, PuTTY was a well-known and widely used program to communicate with a server for years in Windows. Offering a method for creating SSH Keys, PuTTY provides some helper programs. PuTTY Key Generator is one of them.
To install PuTTY, open your favorite browser and open its developer page to download the installer. By clicking on the downloaded file twice, follow the installation wizard and finish it. Once the first dialog of the installation wizard is up, click Next.
Select the destination folder. If you do not need to change the default installation configuration, click Next to move on.
In this step, you should select PuTTY product features to be installed. If you do not consider any specific options, let it be continued by default. To do this, just click Install.
Click Yes on the Do you want to allow this app to make changes to your device pop-up when you are prompted. And click Finish to exit the installation Wizard when the process is complete.
After a successful installation, it is time to run the PuTTY SSH Key Generator. To do this, follow the below path.
Press the Windows Key>Type puttygen, right-click PuTTYgen under Best Match>Click Run as administrator.
Click Yes on the Do you want to allow this app to make changes to your device pop-up when you are prompted.
Then, you are ready to use PuTTY to create a pair of SSH Keys.
Several algorithms are offered by the PuTTY Keygen tool. RSA keys, a classic and widely-used type of encryption algorithm will be generated. Other ones are DSA, ECDSA, Ed25519, and SSH-1 (RSA).
Select your considered option under the Parameters heading before generating the key pair, if you wish to have a different encryption algorithm. Now, follow the two below steps:
Click Generate in the PuTTY Key Generator window.
Move the cursor around in the gray box several times to fill up the green bar.
To save the public key, follow the below path:
Click the button labeled Save public key>Choose your desired location to save the key>Give the key a name (e.g., putty_key.pub).
And finally, to save the private key, at the top of the window select Conversation>click Export OpenSSH Key.
Click Yes when you are asked if you want to save a key without a passphrase. In the end, you should choose a location to save the key and give the key a name.
How to use your SSH Keys on Windows 10/11
After a successful installation and generating SSH Keys, you can start using your SSH keys. To do this, you should copy your public SSH key to the system you want to connect to. Utilize your personal SSH key on your computer. If your private key and the public key match, access will be granted.
3. How to Generate Keys in WSL
This method is almost alike to the Command Prompt and is used by those who are WSL users. It is similar to Windows but unlike Windows, you need to specify whether you want an RSA key or something like Ed25519. While you have installed Ubuntu Linux, open up Windows Terminal.
To create an ”RSA-4096” like key, run the following command.
ssh-keygen -t rsa -b 4096
To provide Ed25519, type:
ssh-keygen -t ed25519 -C "your@email.address"
On Windows, Microsoft uses your username and the name of your PC for this automatically, but here, you are recommended to add your email address as an identifier. To generate multiple keys for different sites just tag something like “_github” at the end of the filename.
You should verify the correctness of the username or password and try again.
Conclusion
In this article, you learned how to Create SSH Key in Windows 10/11. Three different methods were explained in detail to generate SSH key pairs on a Windows 10/11 system. Now, you can use the SSH keys to connect to a remote system without the use of passwords. As you saw, it is really easy to generate SSH keys in any of the reviewed methods. You are recommended to go with the Windows Command Prompt option if you have not installed PuTTY already. Also, users who prefer Linux would use another method.
If you encounter any problems, please do not hesitate to contact us. Our technical support team will try our best to solve your problems.
Modified: 13 Dec 2022 21:28 UTC
On Windows, you can create SSH keys in many ways. This document explains how to use two SSH applications, PuTTY and Git Bash.
We recommend ECDSA or RSA keys. DSA keys are supported, but not recomended.
PuTTY
PuTTY is an SSH client for Windows. You can use PuTTY to generate SSH keys. PuTTY is a free open-source terminal emulator that functions much like the Terminal application in macOS in a Windows environment. This section shows you how to manually generate and upload an SSH key when working with PuTTY in the Windows environment.
About PuTTY
PuTTY is an SSH client for Windows that you will use to generate your SSH keys. You can download PuTTY from www.chiark.greenend.org.uk.
When you install the PuTTY client, you also install the PuTTYgen utility. PuTTYgen is what you will use to generate your SSH key for a Windows VM.
This page gives you basic information about using PuTTY and PuTTYgen to log in to your provisioned machine. For more information on PuTTY, see the PuTTY documentation |
---|
Generating an SSH key
To generate an SSH key with PuTTYgen, follow these steps:
- Open the PuTTYgen program.
- For Type of key to generate, select SSH-2 RSA.
- Click the Generate button.
- Move your mouse in the area below the progress bar. When the progress bar is full, PuTTYgen generates your key pair.
- Type a passphrase in the Key passphrase field. Type the same passphrase in the Confirm passphrase field. You can use a key without a passphrase, but this is not recommended.
- Click the Save private key button to save the private key. You must save the private key. You will need it to connect to your machine.
- Right-click in the text field labeled Public key for pasting into OpenSSH authorized_keys file and choose Select All.
- Right-click again in the same text field and choose Copy.
Importing your SSH key
Now you must import the copied SSH key to the portal.
- After you copy the SSH key to the clipboard, return to your account page.
- Choose to Import Public Key and paste your SSH key into the Public Key field.
- In the Key Name field, provide a name for the key. Note: although providing a key name is optional, it is a best practice for ease of managing multiple SSH keys.
- Add the key. It will now appear in your table of keys under SSH.
PuTTY and OpenSSH use different formats of public SSH keys. If the text you pasted in the SSH Key starts with —— BEGIN SSH2 PUBLIC KEY
, it is in the wrong format. Be sure to follow the instructions carefully. Your key should start with ssh-rsa AAAA…
.
Once you upload your SSH key to the portal, you can connect to your virtual machine from Windows through a PuTTY session.
Git Bash
The Git installation package comes with SSH. Using Git Bash, which is the Git command line tool, you can generate SSH key pairs. Git Bash has an SSH client that enables you to connect to and interact with Triton containers on Windows.
To install Git:
- (Download and initiate the Git installer](https://git-scm.com/download/win).
- When prompted, accept the default components by clicking Next.
- Choose the default text editor. If you have Notepad++ installed, select Notepad++ and click Next.
- Select to Use Git from the Windows Command Prompt and click Next.
- Select to Use OpenSSL library and click Next.
- Select to Checkout Windows-style, commit Unix-style line endings and click Next.
- Select to Use MinTTY (The default terminal of mYSYS2) and click Next.
- Accept the default extra option configuration by clicking Install.
When the installation completes, you may need to restart Windows.
Launching GitBash
To open Git Bash, we recommend launching the application from the Windows command prompt:
- In Windows, press Start+R to launch the Run dialog.
- Type
C:\Program Files\Git\bin\bash.exe
and press Enter.
Generating SSH keys
First, create the SSH directory and then generate the SSH key pair.
One assumption is that the Windows profile you are using is set up with administrative privileges. Given this, you will be creating the SSH directory at the root of your profile, for example:
C:\Users\joetest
- At the Git Bash command line, change into your root directory and type.
mkdir .ssh
-
Change into the .ssh directory
C:\Users\joetest\.ssh
- To create the keys, type:
ssh-keygen.exe
- When prompted for a password, type apassword to complete the process. When finished, the output looks similar to:
Ssh-keygen.exe
Generating public/private rsa key pair.
Enter file in which to save the key (/c/Users/joetest/.ssh/id_rsa): /c/Users/joetest/.ssh/
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /c/Users/joetest/.ssh/
Your public key has been saved in /c/Users/joetest/.ssh/
The key fingerprint is:
SHA256:jieniOIn20935n0awtn04n002HqEIOnTIOnevHzaI5nak joetest@periwinkle
The key's randomart image is:
+---[RSA 2048]----+
|*= =+. |
|O*=.B |
|+*o* + |
|o +o. . |
| ooo + S |
| .o.ooo* o |
| .+o+*oo . |
| .=+.. |
| Eo |
+----[SHA256]-----+
$ dir .ssh
id_rsa id_rsa.pub
Uploading an SSH key
To upload the public SSH key to your Triton account:
- Open Triton Service portal, select Account to open the Account Summary page.
- From the SSH section, select Import Public Key.
- Enter a Key Name. Although naming a key is optional, labels are a best practice for managing multiple SSH keys.
- Add your public SSH key.
When Triton finishes the adding or uploading process, the public SSH key appears in the list of SSH keys.
What are my next steps?
- Adding SSH keys to agent.
- Set up the Triton CLI and CloudAPI on Windows.
- Set up the Triton CLI and CloudAPI.
- Create an instance in the Triton Service Portal.
- Set up the
triton-docker
command line tool. - Visit PuTTYgen to learn more about the PuTTYgen and to see
the complete installation and usage guide.
- To generate SSH keys on Windows 11, open Command Prompt (admin), and run the “ssh-keygen,” confirm the name for the keys and passphrase. The keys will be generated inside the “.ssh” folder in your profile folder (or in the root of “C.”)
On Windows 11, you can generate private and public SSH keys directly from Command Prompt or PowerShell without having to resource to third-party solutions, and in this guide, you will learn how.
If you are a web developer or network administrator, you’re probably familiar with remote server connections using SSH keys. SSH (Secure Shell Protocol) keys come in pair of public and private keys that you can use to authenticate with a remote server using encryption communication over the internet. Typically, you enable and configure the remote server with SSH and install the public key, and then when establishing a remote connection, you will present the private key (and passphrase if configured) to perform a secure authentication.
Usually, you would use third-party solutions, such as Putty’s PuttyGen tool, to generate SSH keys, but you can also use the built-in SSH key generator on Windows 11 (and 10).
In this guide, you will learn the steps to create SSH keys on Windows 11. (These instructions should also apply to Windows 10.)
- Generate SSH keys on Windows 11 (basic)
- Generate SSH keys on Windows 11 (advanced)
To generate SSH keys on Windows 11, use these steps:
-
Open Start on Windows 11.
-
Search for Command Prompt or PowerShell, right-click the top result, and select the Run as administrator option.
-
Type the following command to generate a pair of SSH keys and press Enter:
ssh-keygen
-
Confirm a descriptive name for the file (for example, webserver) and press Enter.
-
(Optional) Confirm a passphrase for the SSH keys.
Quick note: The passphrase is a layer of security to protect the keys. If you don’t enter a password when authenticating, you won’t be asked to confirm the passphrase, but entering one is recommended.
-
Confirm the passphrase one more time and press Enter.
Once you complete the steps, the private and public keys will be generated and stored in the “.ssh” folder inside your profile folder (%USERPROFILE%). The private key will not include a file extension, while the public key will have a “.pub” extension.
Generate SSH keys on Windows 11 (advanced)
To generate SSH keys using a specific type, use these steps:
-
Open Start.
-
Search for Command Prompt or PowerShell, right-click the top result, and select the Run as administrator option.
-
Type the following command to generate private and public SSH keys using a specific type and press Enter:
ssh-keygen -t ed25519 -C "[email protected]"
Quick note: The “-t” option tells the command that you want to specify a new type of key. In the command, we’re using “ed25519” to create an EdDSA key type. The default creates RSA keys, but you can change it to DSA, ECDSA, ECDSA-K, ED25519, or ED25519-SK. If you don’t specify your email address, the command will generate a random address using your account username
"@"
computer name. -
Confirm a descriptive name for the file (for example, webserver) and press Enter.
-
(Optional) Confirm a passphrase for the SSH keys.
-
Confirm the passphrase one more time and press Enter.
After you complete the steps, the SSH keys will be available in the “.ssh” folder in your account folder (%USERPROFILE%).
If the SSH keys are not present in the C:\Users\username\.ssh
folder, the tool may have stored the files in the root of the C:\
drive. Also, if the “.ssh” folder is missing from the profile folder, you can create a new folder manually and run the command again, but this time, you need to append this configuration -f %userprofile%/.ssh/id_ed25519
. The command should be similar to this: ssh-keygen -t ed25519 -C "[email protected]" -f %userprofile%/.ssh/id_ed25519
You can always use the ssh-keygen /help
command to access the available options with descriptions.
If the “ssh-keygen” command isn’t available, you will have to install it manually from Settings > Apps > Optional features. On the settings, click the “View features” button, search for “OpenSSH Client,” and check the option, then click the “Next” and the “Install” buttons.
We may earn commission for purchases using our links to help keep offering the free content. Privacy policy info.
All content on this site is provided with no warranties, express or implied. Use any information at your own risk. Always backup of your device and files before making any changes. Privacy policy info.