Generate SSH key in Windows 10

How to Generate an SSH key in Windows 10

As you may already know, Windows 10 includes built-in SSH software - both a client and a server! This feature is available in the OS starting in version 1803. When the client option is installed, we can use it to generate a new SSH key.


On Windows machines, the freeware open-source software PuTTY is the de-facto standard when it comes to SSH and Telnet. With Windows 10, Microsoft has finally listened to its users after years of them requesting an SSH client and server. By including an OpenSSH implementation, the value of the OS increases.

The provided SSH client is similar to the Linux client. At first glance, it appears to support the same features as its *NIX counterpart. It is a console app, so you should be able to start it from the command prompt.

To proceed, you need to enable the OpenSSH Client feature. Check out the following text:

How to Enable OpenSSH Client in Windows 10

Enable OpenSSH Client In Windows 10

Assuming that you have it installed, you can do the following.

To Generate an SSH key in Windows 10,

  1. Open a new command prompt.
  2. Type ssh-keygen and hit the Enter key.
  3. The app will ask for the save location, offering C:\users\your user name\.ssh\id_rsa by default.Generate SSH Key In Windows 10 Step 1
  4. Next, you will be prompted to enter a passphrase. You can just hit the Enter key to skip it.Generate SSH Key In Windows 10 Step 2
  5. Finally, you will see the fingerprint for your key and SHA256. The default algorithm is RSA 2048.Generate SSH Key In Windows 10 Step 3

You are done. Your public key will be saved to the file, by default it is C:\users\your user name\.ssh\ You can now upload this file to the target machine you want to access with SSH. Do not share your private SSH key (id_rsa) unless you know what you are doing!

SSH supports a number of other public key algorithms using with keys, such as:

  • rsa - this is a classic algorithm based on the difficulty of factoring large numbers. Recommended keys size - 2048 or above.
  • dsa - yet another legacy algorithm based on the difficulty of computing discrete logarithms. It is no longer recommended.
  • ecdsa - a new Digital Signature Algorithm standarized by the US government, using elliptic curves. It supports 256, 384, and 521 key sizes.
  • ed25519 - this algorithm is the latest options included in OpenSSH. Certain software lacks support for it.

You can specify the algorithm using the -t option and change the key size using the -b switch. Some examples:

ssh-keygen -t rsa -b 4096
ssh-keygen -t ecdsa -b 521

That's it.

Also, see the following articles:

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!


Author: Sergey Tkachenko

Sergey Tkachenko is a software developer who started Winaero back in 2011. On this blog, Sergey is writing about everything connected to Microsoft, Windows and popular software. Follow him on Telegram, Twitter, and YouTube.

Leave a Reply

Your email address will not be published.

Using Telegram? Subscribe to the blog channel!
Hello. Add your message here.