Generate SSH Key in Windows

Starting from Windows 10 build 1809, Windows has a native SSH client that is based on the OpenSSH port.

The OpenSSH client in Windows includes an ssh-keygen – the command-line tool for creating authentication keys for SSH.

To create a pair of SSH keys in Windows, the ssh-keygen command can be executed from a Windows command-line prompt (CMD) or PowerShell.

This note shows how to generate SSH keys in Windows using the ssh-keygen command.

Cool Tip: How to fix “Bad owner or permissions on .ssh/config”. Read More →

Generate SSH Key in Windows

Before generating the SSH keys in Windows using the ssh-keygen command it is required to ensure that the “OpenSSH Client” feature in enabled.

For this, open the “Optional features” by pressing ⊞ Win + R to start the “Run” dialog, type in the ms-settings:optionalfeatures command and click “OK”:

If the “OpenSSH Client” is not present in the list, click on the “Add a feature” to find and install it:

Run the ssh-keygen command from the Windows command-line prompt (CMD) or PowerShell to generate the SSH keys:

C:\> ssh-keygen
- sample output -
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\<UserName>/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in C:\Users\<UserName>/.ssh/id_rsa.
Your public key has been saved in C:\Users\<UserName>/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:QuaxSRSTbyN3pXlacwQTcE0miET5yvAT5EucH8UYD8Y <UserName>@<HostName>
The key's randomart image is:
+---[RSA 3072]----+
|      +=o+=**=o  |
|     ...+.E+++o  |
|      == o =..   |
|     =o+@ * + .  |
|      =OSB = o   |
|       .* o      |
|         .       |
|                 |
|                 |
+----[SHA256]-----+

By default, without any arguments, this command creates a key pair of a private key – id_rsa and a public key – id_rsa.pub and saves them into the folder C:\Users\<UserName>\.ssh.

If you want to choose an algorithm and key size, while generating the SSH keys, you can do this as follows:

C:\> ssh-keygen -t rsa -b 4096
C:\> ssh-keygen -t dsa 
C:\> ssh-keygen -t ecdsa -b 521
C:\> ssh-keygen -t ed25519

Leave a Reply