Setting Up Git SSH Key on Windows

I recently bought a new laptop and went through the hassle of setting up Git SSH key again. There are many guides somewhere on the Internet but it’s all over different places and they tell you to do different things with different outcomes. Also, the guide from GitHub is less than ideal as it requires using “Git Bash” which I do not like. So I’m writing things down for my future reference.

Enable OpenSSH on Windows

For newer systems, like Windows 10 and above, OpenSSH comes with Windows, but it may not yet be enabled by default. So go find Windows settings’ optional features and make sure “OpenSSH Client” is enabled.

Even after the feature is enabled, there is a SSH Agent that would still be disabled. So go to Services (Win + R and then services.msc), find “OpenSSH Authentication Agent”, double-click to open its Properties, and change the option Startup Type to Automatic (Delayed Start). Also, since you’re here, if the service is not running, you should start it.

Install Git for Windows

Then, go ahead and install Git for Windows. Most of the settings are fine as the default. For me, I’ve chosen to use VS Code as default editor. At the prompt “Choosing SSH executable”, you should choose “Use external OpenSSH”. This is because we want to use the SSH client that comes with Windows.

    Generate Key Pair

    After this, you can generate a SSH key pair on Windows Terminal: either PowerShell or Command Prompt is fine.

    ssh-keygen -t ed25519 -C "<COMMENT>"

    The “-C” argument passes a comment. You can change it to whatever you want, put your e-mail and the purpose of this key.

    Follow the prompts: it should ask you the location to save the key, and whether you want to set a passphrase or not.

    For key location, you can leave it as default, which will be generated at “C:\Users\$USERNAME\.ssh\id_ed25519” (where “$USERNAME” is your current user directory name). If you change the location, take note of the location as it will be used later on.

    For passphrase, I recommend setting a passphrase to make it more secure so that if someone are able to gain access to the key files, they would still need the passphrase to decode it.

    Add Key to SSH Agent

    After generating the key pair, you should add it to the current SSH agent.

    First, we should ensure that the SSH agent is running. In PowerShell or Command Prompt, run the following:


    Then, we can add the key to the SSH agent using “ssh-add” command. Replace “path\to\key” with the path to the key pair location generated in the previous section.

    ssh-add path\to\the\key

    If it asks for the passphrase, provide it. You will only need to provide the passphrase this time only. The SSH Agent that comes with Windows should be able to auto-decode the key when the service starts.

    Add Key to GitHub

    After this, you can add the SSH public key to your GitHub account. After that, you should be able to clone repositories using SSH.

    And we’re done!


    In older guides where OpenSSH Client is not bundled from Windows, you might either be guided to use OpenSSH client bundled together with Git for Windows, or use PuTTY/Pageant program. Both approaches are good enough, however they can be annoying if you set a passphrase to your key-pair as both approaches will ask you for the passphrase when the service restarts.

    Leave a Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.