How to generate SSH keys on Windows

July 12, 2012 - 23:46

Generating SSH keys and using them for connecting to SSH servers is a straightforward process on Linux. But for Windows users, Windows does not provide any support for the SSH protocol by default. There is no SSH client that comes by default on Windows. Let alone generating keys.

Let us see how easily we do it on Linux:

Key generation in LINUX

You can generate the keys using the ssh-keygen command on the Linux Teminal:

user@host:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): Just press ENTER here
Enter passphrase (empty for no passphrase): Enter a passphrase
Enter same passphrase again: Enter the same passphrase 
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/
The key fingerprint is:
d8:9e:1c:9a:4b:ae user@host
The key's randomart image is:
+--[ RSA 2048]----+
| 	o.        |
|	..o       |
|  . .= o         |
|   =+o+o         |
|   o*.B S        |
|   oo+ = .       |
|  ..o .      	  |
|  E.             |
|                 |

By now, you should have the files id_rsa and in the .ssh folder in your home directory. This is how you generate the key pair in linux. The file is your public key and id_rsa is your private key. In the public key authentication process with the developed public key you will be able to login to the server. There will be a passwordless authentication process.

Anyway, to save those still using Windows, we have Putty ( ), the free SSH terminal client, for your connecting needs, and puttygen, for your key generation needs.

Key generation in Windows

The public/private key generation in windows is made possible by a tool called puttygen. With which you can develop the key pair which is required for public key authentication. Here several things are to be noted to avoid problems or errors. The main problem that I faced while trying to login from a windows machine to the server were the "keys problem". I have tried a whole lot of things and generated a several set keys as each time I tried to login it shows a different set of errors. In the initial case the error was "Unable to process the key" and later I realised that the public key generated should be converted to a one-line format. After fixing this error I also tried to have a go. But had come up with a new error message saying that the “Server refused our key”, and later I started to compare the keys generated in a linux machine and a windows machine. And the real solution to the problem has been obtained.

The RSA keys generated in linux machines are of 2048 bits default value and minimum size is 768 bits, whereas the keys generated in windows where 1024 bits. In puttygen there was an option to select the size of the key and it was set as default 1024 bits. In the next problem solving step I changed the default key size value from 1024 to 2048 bits. And thus generated a public/private key pair of 2048 bits size. This time the problem was solved. By setting the auto login user-name, I could login to the system with the public key, no password authentication step was involved.

Post your comments / questions