p+++ title = “Creating SSH key pairs on Windows” description = “How to create key pairs for use with Anvil on Windows” +++

To create SSH keys on Windows, a companion program to the popular SSH client PuTTY will be used.  Download and install the PuTTY package (64-bit x86 .msi installer) from this link. This will install both PuTTY itself and the PuTTYgen program to generate the key pair.

Once installed, start PuTTYgen.  Click the Generate key to create the key pair.

You will be promoted to move the mouse in a random fashion within the window for several seconds to create the key.  Once the key is generated, the public and private keys need to be saved to different files.  The public key is in the text box near the top of the PuTTYgen window.  Right click within the box and choose Select All.   

Either right-click again and choose Copy or use Ctrl-C to copy the key text.  Paste the key into a text editor of your choice.  Save the file somewhere convenient, making sure to save the key as plain text only.  This public key will later be added to your Anvil account for SSH access to your instances.

The filename does not matter. By convention, both keys are named the same, with a ‘.pub’ extension added to the public one.  For example, the public key would be named anvil_key.pub, and the private key just anvil_key.

The private key will actually need to be saved twice.  This is because PuTTY uses its own PPK format for private keys, and the command-line ssh program uses the OpenSSH format.  Depending on which program you’re using to connect, you’ll need to use the appropriate file.  

To save the private key for use with the ssh command, choose Export OpenSSH key under the Conversions menu.

A pop-up box will appear warning about saving the key without a passphrase; select Yes to continue.

Save the OpenSSH private key somewhere convenient.  

To save the PuTTY format file, click the Save private key button.

An identical warning box to before will appear; click Yes to continue.

You may need to change the filename slightly to avoid overwriting the OpenSSH key file.  Save the .ppk file somewhere convenient.

Treat the private key file the same as you would a password.  Keep your private key in a secure location and do not share it with anyone.