← Back
🪟 Windows — Generate SSH Key
1

Generate Ed25519 Key Pair

Creates a private key + public key in your .ssh folder.

PowerShell 
ssh-keygen -t ed25519 -C "[email protected]"
When prompted:
Enter file in which to save the key (C:\Users\YOU/.ssh/id_ed25519): [Press Enter for default]
Enter passphrase (empty for no passphrase): [Type a passphrase or Enter to skip]
Enter same passphrase again: [Confirm passphrase]
2

Verify Keys Were Created

You should see two files: private key and public key (.pub).

PowerShell 
ls ~/.ssh/id_ed25519*
Mode          LastWriteTime    Length Name
----          -------------    ------ ----
-a---         2026-03-12       411    id_ed25519       # Private key (NEVER share)
-a---         2026-03-12       100    id_ed25519.pub  # Public key (share this)
3

Copy Your Public Key

Display the public key to copy it. You'll need this for the Linux side.

PowerShell 
# Display the public key
cat ~/.ssh/id_ed25519.pub
PowerShell — Copy to clipboard 
# Or copy directly to clipboard
Get-Content ~/.ssh/id_ed25519.pub | Set-Clipboard
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... [email protected]
🐙 GitHub — Add SSH Key
4

Add Public Key to GitHub

Adding your key to GitHub lets you clone/push via SSH and also lets Linux servers import it with curl.

PowerShell — Copy key to clipboard 
Get-Content ~/.ssh/id_ed25519.pub | Set-Clipboard

Then go to GitHub:

1. Go to github.com → Settings → SSH and GPG keys → New SSH key
2. Title: My Windows PC (any name you want)
3. Key type: Authentication Key
4. Paste the public key from clipboard
5. Click Add SSH key
PowerShell — Test GitHub SSH 
ssh -T [email protected]
Hi YOUR-USERNAME! You've successfully authenticated, but GitHub does not provide shell access.
Once on GitHub, any Linux server can import your key with: curl -s https://github.com/USERNAME.keys
4+

Switch Existing Repos to SSH

If you cloned repos via HTTPS before, switch them to use SSH.

PowerShell 
# Check current remote URL
git remote -v

# Switch from HTTPS to SSH
git remote set-url origin [email protected]:USERNAME/REPO.git

# Verify
git remote -v
4+

Clone Repos via SSH

Use the SSH URL instead of HTTPS when cloning new repos.

PowerShell 
# HTTPS (old way — asks for password/token)
git clone https://github.com/USERNAME/REPO.git

# SSH (new way — uses your key, no password)
git clone [email protected]:USERNAME/REPO.git
🐧 Ubuntu Linux — Import Public Key
5

Add Public Key to Server

Create the .ssh directory, add your public key, and set permissions.

bash — Setup directory 
mkdir -p ~/.ssh && chmod 700 ~/.ssh
bash — Option A: nano editor 
nano ~/.ssh/authorized_keys
# Paste the public key, save with Ctrl+O, exit with Ctrl+X
bash — Option B: Import from GitHub 
curl -s https://github.com/YOUR-USERNAME.keys >> ~/.ssh/authorized_keys
bash — Set permissions 
chmod 600 ~/.ssh/authorized_keys
chown -R $USER:$USER ~/.ssh
🔒
Required permissions: ~/.ssh = 700, authorized_keys = 600. SSH will silently reject the key if these are wrong.
6

Test the Connection

From your Windows PowerShell, test passwordless login.

PowerShell 
ssh user@server-ip
Welcome to Ubuntu 24.04 LTS
Last login: Wed Mar 12 10:30:00 2026 from 10.10.1.50
user@server:~$  # No password prompt = success!
7

Disable Password Authentication (Recommended)

After confirming key-based login works, disable password auth to prevent brute-force attacks.

bash 
# Create SSH hardening drop-in (Ubuntu 24.04 recommended method)
sudo tee /etc/ssh/sshd_config.d/99-no-password.conf <<'EOF'
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
EOF
bash — Restart SSH 
# Validate config first, then restart
sudo sshd -t && sudo systemctl restart sshd
⚠️
Do NOT close your current SSH session! Open a new terminal and test ssh user@server-ip before closing. If it fails, you still have your open session to fix it.
🔧

Troubleshooting

bash — Debug SSH connection 
# From Windows — verbose SSH to see what's happening
ssh -vvv user@server-ip
bash — Check server-side SSH logs 
# On the Linux server
sudo journalctl -u sshd -n 30 --no-pager
bash — Verify permissions 
# All of these must be correct or SSH key auth silently fails
ls -la ~/.ssh/
# Expected:
# drwx------  .ssh/                (700)
# -rw-------  authorized_keys      (600)
bash — Fix SELinux context (if applicable) 
# Only needed if SELinux is enabled
restorecon -Rv ~/.ssh/