See how you can create all the SSH keys you will need using three different methods. We will show you how to create your original set of keys as well as add-ons if you want to create different keys for multiple sites.
Generate keys on the command line
Windows 10 has a built-in OpenSSH client program as of the April 2018 update. Windows 11 also has this feature built-in.
To use it, open the Windows command prompt by pressing the Windows key and typing "cmd".
Advice: If you frequently use the command prompt, we highly recommend installing Windows Terminal from the Windows Store (installed on Windows 11 by default). It is a tabular program that can run Command Prompt, PowerShell, and the Windows Linux Subsystem all in one window. It also has fun features like background image adjustment.
Whether you are using the command line or the Windows terminal, type ssh-keygen and press Enter. This will automatically generate SSH keys. In our tests on Windows 11, it generated a 2048 bit RSA key. If you want to use a different algorithm, for example GitHub recommends Ed25519, then type ssh-keygen -t ed25519.
After entering your command, press Enter and then you will be asked to give your key a name and save it to a specific location. If you use the defaults then it will save your keys in the path
C:\User[YourUserName].ssh ,assuming drive C is where your user account is stored.
You will then be prompted to enter a passphrase. We strongly recommend that you do this to keep your key secure. If you do not want a passphrase, just press Enter.
Your keys are generated, stored and ready to use. You will see that you have two files in your ".ssh" folder: "id_rsa" without file extension and "id_rsa.pub". The last is the key you upload to the servers for authentication, while the first is the private key that you do not share with others.
If you want to create multiple keys for different sites, it's also easy. Let's say, for example, that you wanted to use the default keys we just created for a server you have in Digital Ocean and want to create another set of keys for GitHub. You will follow the same procedure as above, but when it's time to save your key, just give it a different name, such as "id_rsa_github" or something similar.
You can do it as many times as you want. Just remember that the more keys you have, the more keys you have to manage. When you upgrade to a new computer, you must move these keys along with your other files otherwise you risk losing access to your servers and accounts, at least temporarily.
Generate keys in WSL
If you are a WSL user, you can use a method similar to the WSL installation. In fact, it's the same as the command line version. If you work mainly on Linux and command line in general, then it makes sense to keep your keys in WSL.
Open Windows Terminal or the built-in Ubuntu command prompt (assuming you have Ubuntu Linux installed). Then it is very similar to Windows. Unlike Windows, it's best to specify whether you want an RSA key or something like Ed25519.
Suppose you want to create an RSA-4096 key. You will enter the following command:
ssh-keygen -t rsa -b 4096
If you wanted the Ed25519, then the suggested way is this:
ssh-keygen -t ed25519 -C "email@example.com"
It is recommended that you add your email address as an ID, although you do not need to do this in Windows, as the Microsoft version automatically uses your username and computer name for this.
Again, to create multiple keys for different sites, just tag in something like "_github" at the end of the file name.
Generate keys with PuTTY
For years, the good old PuTTY program has been a popular way of communicating with servers in Windows. If you already have this program on your system, it also offers a method for generating SSH keys.
PuTTY comes with a number of utilities, one of which is called PuTTY Key Generator. To open it either search for it by pressing Windows Key and typing "puttygen" or by looking for it in the Start menu.
Once opened, at the bottom of the window you will see the different types of keys you want to create. If you're not sure which one to use, select "RSA" and then type "4096" in the input box that says "Number Of Bits In A Generated Key". Another alternative is to select "EdDSA" and then, from the drop-down menu that appears below it, make sure "Ed25519 (255 bit)" is selected.
Now all you have to do is click "Create" and PuTTY will start working. This should not take too long, depending on the power of your system and PuTTy will ask you to move your mouse through the window to create a complex key.
Once this is done, click on "Save Public Key" to save your public key and save it where you want it with the name "id_rsa.pub" or "id_ed25519.pub", depending on whether you selected RSA or Ed25519 in the previous step.
Then, to get your private key, you need an extra step. By default, PuTTY generates PPK keys for use with the PuTTy client. If you want OpenSSH, at the top of the window select Conversions> Extract OpenSSH key, and then save the file as "id_rsa" or "id_ed25519" without ending the file.
Creating SSH keys is very easy whichever method you choose. We recommend that you use the Windows Command Prompt option, unless you already have PuTTY installed, or even if you prefer Linux because you may understand more.