Difficulty Level: 🟢 Beginner
Risk Level: 🟢 Safe
Learn how to generate SSH keys and connect securely to your server from any operating system.
Your server uses SSH key authentication instead of just passwords for enhanced security.
What you need to know:
💡 TIP: Think of SSH keys like a physical key to your house. The private key stays with you (never share it!), and the public key is like a lock installed on the server.
Choose your operating system below:
Windows 10/11 comes with SSH built-in!
Open PowerShell
Win + XGenerate the key:
# Create .ssh folder if it doesn't exist
mkdir ~/.ssh -ErrorAction SilentlyContinue
# Generate Ed25519 key
ssh-keygen -t ed25519 -C "your_email@example.com"
Follow the prompts:
C:\Users\YourName\.ssh\id_ed25519)Locate your keys:
# View your public key (this is what you share with servers)
cat ~/.ssh/id_ed25519.pub
# Your keys are stored at:
# Private key: C:\Users\YourName\.ssh\id_ed25519
# Public key: C:\Users\YourName\.ssh\id_ed25519.pub
⚠️ WARNING: Never share your private key (
id_ed25519)! Only share the public key (.pubfile).
If you prefer a graphical interface:
Download PuTTYgen:
puttygen.exe for your platformGenerate the key:
Save your keys:
id_ed25519.pubid_ed25519.ppk💡 TIP: PuTTY uses
.ppkformat. OpenSSH uses different format. Keep both if switching between tools!
MobaXterm includes SSH client + key generation:
💡 TIP: To be honest, MobaXterm is by far, one of the best terminal for Windows users.
Download MobaXterm:
Generate SSH key:
id_ed25519id_ed25519.pubmacOS has SSH built into Terminal:
Open Terminal:
Cmd + SpaceGenerate the key:
# Create .ssh folder if it doesn't exist
mkdir -p ~/.ssh
# Generate Ed25519 key
ssh-keygen -t ed25519 -C "your_email@example.com"
Follow the prompts:
/Users/yourname/.ssh/id_ed25519)View your public key:
# Display your public key
cat ~/.ssh/id_ed25519.pub
# Copy to clipboard (optional)
pbcopy < ~/.ssh/id_ed25519.pub
💡 TIP: Use
pbcopyto copy your public key directly to clipboard without selecting text!
All Linux distributions have SSH built-in:
Open Terminal:
Ctrl + Alt + TGenerate the key:
# Create .ssh folder with correct permissions
mkdir -p ~/.ssh
chmod 700 ~/.ssh
# Generate Ed25519 key
ssh-keygen -t ed25519 -C "your_email@example.com"
Follow the prompts:
/home/yourname/.ssh/id_ed25519)View your public key:
# Display your public key
cat ~/.ssh/id_ed25519.pub
Now that you have SSH keys, here's how to connect:
Basic connection:
ssh -p 1077 USERNAME@YOUR_SERVER_IP
Using a specific key file:
# This is where you have to use the PRIVATE file
ssh -i ~/.ssh/id_ed25519 -p 1077 USERNAME@YOUR_SERVER_IP
First-time connection:
yes and press EnterExample session:
$ ssh -p 1077 -i ~/.ssh/id_ed25519 root@192.168.1.100
The authenticity of host '[192.168.1.100]:1077' can't be established.
ED25519 key fingerprint is SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[192.168.1.100]:1077' (ED25519) to the list of known hosts.
Welcome to Ubuntu 24.04 LTS
root@server:~$
💡 TIP: Create an SSH config file to simplify connection:
# Edit SSH config
nano ~/.ssh/config
# Add this content:
Host myserver
HostName YOUR_SERVER_IP
Port 1077
User USERNAME
IdentityFile ~/.ssh/id_ed25519
# Now you can connect with just:
ssh myserver
Basic connection:
ssh -p 1077 USERNAME@YOUR_SERVER_IP
Using a specific key file:
ssh -i $env:USERPROFILE\.ssh\id_ed25519 -p 1077 USERNAME@YOUR_SERVER_IP
Create an SSH config file (Windows):
# Create config file
notepad $env:USERPROFILE\.ssh\config
# Add this content:
Host myserver
HostName YOUR_SERVER_IP
Port 1077
User USERNAME
IdentityFile C:\Users\YourName\.ssh\id_ed25519
# Save and close, then connect with:
ssh myserver
💡 TIP: If you get "command not found", you may need to enable OpenSSH Client in Windows Features.
PuTTY is a popular Windows SSH client:
Download PuTTY:
putty.exeConvert your key (skip this step if your key is already in .pkk format):
id_ed25519)id_ed25519.ppkConfigure connection:
YOUR_SERVER_IP1077Add your private key:
.ppk fileSave session (optional):
Connect:
MobaXterm is an all-in-one terminal with built-in SSH:
Start a new session:
Configure connection:
YOUR_SERVER_IPUSERNAME1077Advanced SSH settings:
id_ed25519 or id_ed25519.ppk)Save and connect:
💡 TIP: MobaXterm shows a file browser sidebar - makes it easy to transfer files!
Possible causes:
Solutions:
# Verify you're using correct port
ssh -p 1077 USERNAME@YOUR_SERVER_IP
# Test if port is open
telnet YOUR_SERVER_IP 1077
# Or on Windows PowerShell:
Test-NetConnection -ComputerName YOUR_SERVER_IP -Port 1077
Possible causes:
Solutions:
# Verify username is correct
ssh -v -p 1077 USERNAME@YOUR_SERVER_IP
# The -v flag shows verbose output for debugging
# Try specifying key explicitly
ssh -i ~/.ssh/id_ed25519 -p 1077 USERNAME@YOUR_SERVER_IP
# Check key permissions (Unix/Mac/Linux only)
chmod 600 ~/.ssh/id_ed25519
chmod 644 ~/.ssh/id_ed25519.pub
This appears if:
Solution:
# Remove old host key
ssh-keygen -R [YOUR_SERVER_IP]:1077
# On Windows PowerShell:
ssh-keygen -R "[YOUR_SERVER_IP]:1077"
# Then try connecting again
⚠️ WARNING: Only do this if you're certain the server change is legitimate!
Possible causes:
Solutions:
# Use IP address instead of domain name
ssh -p 1077 USERNAME@192.168.1.100
# Test DNS resolution
ping yourdomain.website
nslookup yourdomain.website
Issue: PuTTY requires .ppk format, not OpenSSH format
Solution:
.ppk.ppk file in PuTTYSee detailed connection information:
# Mac/Linux/PowerShell
ssh -vvv -p 1077 USERNAME@YOUR_SERVER_IP
# This shows:
# - Which keys are being tried
# - Authentication methods attempted
# - Where the connection is failing
Before trying to SSH, test basic connectivity:
# Test if server is reachable
ping YOUR_SERVER_IP
# Test if SSH port is open (Mac/Linux)
nc -zv YOUR_SERVER_IP 1077
# Test if SSH port is open (Windows PowerShell)
Test-NetConnection -ComputerName YOUR_SERVER_IP -Port 1077
# Try connecting with maximum verbosity
ssh -vvv -p 1077 USERNAME@YOUR_SERVER_IP
You should now be able to:
Connection command (Terminal/PowerShell):
ssh -p 1077 USERNAME@YOUR_SERVER_IP
Your SSH key locations:
C:\Users\YourName\.ssh\id_ed25519/Users/yourname/.ssh/id_ed25519/home/yourname/.ssh/id_ed25519Important reminders:
.pub (public) key fileNext Guide: 03 - Security & Access Management
Previous Guide: 01 - Getting Started
Back to: Documentation Home