If you’ve ever managed a Linux server from Windows, you’ve probably used PuTTY or at least heard of it. It’s a great utility and has been a favorite SSH client for years. However, in 2019 Windows 10 started to include an out-of-the-box OpenSSH client, so PuTTY is no longer needed.

Why you should avoid password-based logins

The OpenSSH daemon running on servers has been battle hardened through years of use, abuse, and patching. It is quite rare for a server to be hacked due to a bug in the SSH daemon. However, many burglaries are facilitated by administrators who use weak passwords. Even passwords that seem complex, with letters and numbers, are often susceptible to brute force attacks.

Enter the SSH keys. These cannot be forced by brute force – they are just too complex. If you can, disable password logins in your “sshd_config” file (on the server) and use keys instead. If you’re traveling and can’t take your laptop with you, just keep your private key on a USB stick and attach it to your physical keychain. Your server will be much safer this way.

Generate a public / private SSH key pair

Open Command Prompt from the Start menu and type:

You should get a result similar to the following image,

If you get an “unrecognized command” error, just follow the steps here to install OpenSSH. This will only happen on older versions of Windows 10 that haven’t been upgraded for a very long time.

To generate the public / private key pair, enter this at the command prompt:

At the first prompt, “Enter the file to save the key in,” press Enter to save it to the default location.

At the second prompt, “Enter passphrase (vide for no passphrase)”, you have two options:

  • Press Enter to create an unencrypted key. If you’re the only one using the computer, that’s for sure.
  • Type a password. This will encrypt your key. It is a good idea to do this if you are sharing your computer with someone else. If you intend to carry the stick on a USB stick, definitely use a password here. If you use a strong password and someone steals your USB device key, they will not be able to use it without the password.

When you are done, you will see something similar to the image below.

Windows Ssh Keys Created

About the author


Leave a Comment