How to generate SSH key pair on Windows

SSH keys are cryptographic keys that enable secure communication between a client and a server by removing the need for password-based logins. The public key resides on the server, while the private key remains on the client, protecting sensitive information and minimizing the risk of unauthorized access. This approach is recommended in environments where robust security measures are a priority.

On Windows, PuTTY Key Generator (often referred to as PuTTYgen) is a widely-used tool for creating SSH key pairs. It supports multiple algorithms, including RSA, DSA, ECDSA, and EdDSA, and allows selection of key sizes ranging from 1024 to 4096 bits. PuTTYgen runs seamlessly on Windows and other operating systems, ensuring flexibility for users managing SSH keys across different platforms.

Many Linux and macOS configurations include the native ssh-keygen utility for key generation, whereas PuTTYgen is preferred in Windows environments for its user-friendly interface. Choosing the right key type and size depends on operational and security requirements, and PuTTYgen simplifies this process without sacrificing technical control.

1. Download PuTTY Key Generator (PuTTYgen) for your CPU architecture from the official download site.

   Related: PuTTYgen official download site

2. Launch PuTTYgen.
3. Select the type of key to generate and the size of the key in the Parameters section.

   Use default values if you're not sure about the parameters.

4. Click on the Generate button.
5. Move your mouse around the blank area create some randomness as a seed for the key.
6. Edit the key's comment if necessary.
7. Enter a passphrase to protect the key if necessary.
8. Click the Save public key button to save your public key.

   Copy the content of the displayed public key instead if you want to place it in an OpenSSH server's authorized_keys file for public key authentication method.

9. Choose a location and provide a filename, and click on the Save button.
10. Click on the Save private key button to save the private key.

    Keep the private key file secure, and do not share it with unauthorized individuals.

11. Enter the location and file name for the private key and click on the Save button.
12. Convert the generated private key to OpenSSH format to use the key with OpenSSH client.

    Related: How to convert PPK key to OpenSSH using PuTTYGen