How to Set up SSH Key Login with Windows 11

laptop 5437167 640

This post shows students and new users steps to install and configure SSH with key login with no password or passwordless. SSH supports various authentication methods. Authenticating using public key is more secure and convenient than traditional password authentication.

If you want to remotely connect to a SSH server using key authentication or use GitHub to manage your code, you will need a SSH key pair.

In Ubuntu Linux and other Unix-like systems, generating and managing SSH key and using key based authentication is pretty easy and straightforward.

Below is a post that shows you how to create a SSH key pair in Ubuntu Linux and use the public key to authenticate to a SSH server.

How to create a SSH key for key authentication

When you’re using a Windows machine the steps above might be a bit different. Windows 11 comes with a built in OpenSSH package and commands that one can use to generate and manage keys from the Command Prompt, Windows Terminal or PowerShell.

If you’re going to be using the command line, then you should definitely use Windows Terminal which is installed by default in Windows 11. Windows Terminal provides better experience and features, and can run the Command Prompt, PowerShell, and the Windows Subsystem for Linux all in one window.

How to create SSH keys in Windows 11

As mentioned above, one can create or generate SSH keys in Windows 11. If you want to use SSH key authentication or use SSH key based authentication, you will need to create a pair of SSH key.

The steps below show you how to do that in Windows 11

In Windows, to generate a SSH key, simply run the commands below and press Enter.

ssh-keygen

The command above will automatically create and generate a 2048-bit RSA key.

GitHub recommends generating a SSH key with Ed25519 algorithm.

ssh-keygen -t ed25519 -C "your_email@example.com"

When you run the commands above, you’ll be prompted with the following lines asking to enter a location to save the file.

When you are prompted to “Enter a file in which to save the key,” press Enter to accept the default file location.

Generating public/private ed25519 key pair.
Enter file in which to save the key (C:\Users\Richard/.ssh/id_ed25519):

 If you use the defaults then it will save your keys in C:\User\<username>\.ssh

Next, you’ll be asked to enter a passphrase. You typically leave this empty and press Enter. However, you can secure your SSH key by entering a passphrase so that you’re prompted for the passphrase everytime you want to use the key to authenticate.

Created directory 'C:\Users\Richard/.ssh'.
Enter passphrase (empty for no passphrase):

After that you should see similar screen as the one below. Your SSH key pair should be created and ready to use.

Generating public/private ed25519 key pair.
Enter file in which to save the key (C:\Users\Richard/.ssh/id_ed25519):
Created directory 'C:\Users\Richard/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in C:\Users\Richard/.ssh/id_ed25519.
Your public key has been saved in C:\Users\Richard/.ssh/id_ed25519.pub.
The key fingerprint is:
SHA256:fXTi96BC8pHrLtqyBOrtKBeWvYSMigOKt9U898rd1Jo admin@example.com
The key's randomart image is:
+--[ED25519 256]--+
|                 |
|                 |
|            o .  |
|         . + o   |
| o +.   S = o o  |
|o *.o+   + + + o |
|*..o..= . + o . .|
|B.o+...=.+ + o   |
| =+oo o+++= E    |
+----[SHA256]-----+
windows 11 ssh key generation powershell

Once the key generation process is complete, you should be able to access the key pair at the location below.

C:\Users\<username>\.ssh

Replacing <username> with your Windows account name.

windows 11 ssh key location

How to copy your public key to the SSH server with Windows 11

Now that you’ve generated your SSH key pair, you will want to copy your public key to the SSH server. On Unix-like systems, ssh-copy-id is a tool for copying SSH keys to the server.

However, Windows doesn’t have ssh-copy-id tool installed. To get your public SSH to the server and enable password-less login, you may have to use PowerShell to do the same in Windows 11.

To copy you SSH key to the server, open Windows Terminal, then copy and paste the line below then press Enter.

type $env:USERPROFILE\.ssh\id_rsa.pub | ssh {IP-ADDRESS} "cat >> .ssh/authorized_keys"

Replace {IP-ADDRESS} with the server IP address.

If you don’t already have a ~/.ssh/authorized_keys file at the destination location, run the Linux commands below to create one. Re-run the command above again to copy your key to the server.

touch ~/.ssh/authorized_keys

How to configure SSH for passwordless login

Now that you’ve copied over your public key, the next step is to disable password authentication.

Logon to the remote server with your password, then open SSH configuration file by running the commands below.

sudo nano /etc/ssh/sshd_config

In the file, find the lines below and change the value to match these.

PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no

Save the file and exit.

Restart SSH server on the remote host.

sudo systemctl restart ssh

After that, password login should be disabled.

Next type simply by typing the command below will log you in without password prompt.

ssh username@server_ip_address

That should do it!

Conclusion:

This post showed you how to generate a SSH key in Windows 11 then use the key to authenticate to a SSH server. If you find any error above or have something to add, please use the comment form below.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.