How to Generate SSH Keys for GitHub on Windows

Here's a quick way to set up SSH keys for GitHub from a Windows machine.

I wrote a PowerShell one-liner that will generate the SSH keys for you and copy them to your clipboard automatically. It's quick and easy to use, and checks to see if you already have SSH keys you can use.

Here's how to use it:

  • Open PowerShell.exe and copy and paste the following one-liner into the PowerShell prompt to run it:

    1if (-not(Test-Path "$env:USERPROFILE\.ssh\id_rsa.pub" -PathType Leaf) -or -not(Test-Path "$env:USERPROFILE\.ssh\id_rsa" -PathType Leaf)){echo 'y' | ssh-keygen.exe -f $env:USERPROFILE\.ssh\id_rsa -q -N '""'} type $env:USERPROFILE\.ssh\id_rsa.pub | Set-Clipboard
    

Now your SSH keys are generated and copied to your clipboard.

Now that you have the contents of the file copied, we need to give it to GitHub. Follow the instructions below to do so.

  1. Now go to GitHub settings.

    • Alternatively, go to GitHub.com and click on your profile picture and select Settings
  2. Under the Access section, select SSH and GPG keys

  3. Press the New SSH Key button

    • Give your key a Title, something like "Personal PC" or "Work Laptop"
    • Past the contents of your clipboard into the Key section
    • Press Add SSH key

Now you're done, have fun committing.

If you're curious to see how the script works, here's a cleaned up version that's easier to read.

 1$Private_Key = "$env:USERPROFILE\.ssh\id_rsa"
 2$Public_Key = "$env:USERPROFILE\.ssh\id_rsa.pub"
 3
 4# Check to see if both the public and private keys already exist so we dont overwrite them.
 5# If either of them are missing, regenerate them.
 6if (-not(Test-Path $Public_Key -PathType Leaf) -or -not(Test-Path $Private_Key -PathType Leaf))
 7{ 
 8    echo 'y' | ssh-keygen.exe -f $env:USERPROFILE\.ssh\id_rsa -q -N '""'
 9} 
10
11# Print the contents of id_rsa.pub and copy them into the clipboard
12type $env:USERPROFILE\.ssh\id_rsa.pub | Set-Clipboard

I went ahead and defined $Private_Key and $Public_key to make the script easier to read. They define the default location of id_rsa and id_rsa.pub files.

After defining the locations of the keys, we check to see if they BOTH exist. If either of them is missing (or not named id_rsa or id_rsa.pub) then a new pair of keys is generated.

Typically, running ssh-keygen.exe on its own would run us through a set of prompts to configure the keys. However, to automate this process, there are a few things we can do.

If the -f flag is specified to set the filepath, we can forcefully overwrite the existing files by providing the confirmation character 'y'. So we can use the command echo 'y' to give that input to ssh-keygen.exe.

We also typically have to hit Enter twice in order to skip inputting a passphrase. Instead of dealing with that, we can use the -N flag. According to the ssh-keygen man page, the -N flag allows us to provide a new passphrase. In the context of this article, we don't want to use a passphrase, so we leave it blank by giving the value '""'.

And, just to keep things quiet, we can use the -q flag. While it's not necessary, it keeps ssh-keygen.exe from outputting the key fingerprint and randomart image into the console, keeping the general output of the script clean.