Windows 11 includes an OpenSSH client b default. You can use it directly from the PowerShell or command prompt terminal.
Connecting to a Linux server
Open a terminal and run the following command:
ssh [email protected]Replace username with your Linux server username and 12.34.56.78 with the server’s IP address.
The first time you connect, you’ll be prompted to accept the host key. After that, enter your password to log in.
To log out, run the exit command or press Ctrl+D.
If your Linux server has a different SSH port, let’s say 10322, use the -p flag:
ssh [email protected] -p 10322Downloading/uploading files between your Windows client and a Linux server
Use WinSCP for that.
Tools
Additional Resources
- https://learn.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse?tabs=gui
- https://docs.bitnami.com/aws/faq/get-started/access-ssh-tunnel/
- https://docs.vultr.com/port-forwarding-and-proxying-using-openssh
Managing SSH Keys with OpenSSH and Bitwarden
1. Set up your environment
Create the SSH directory if it doesn’t exist:
mkdir -p $env:USERPROFILE\.ssh2. Generate SSH Key Pair
Open PowerShell and generate an Ed25519 key (recommended):
ssh-keygen -t ed25519 -C "[email protected]"Or RSA if required:
ssh-keygen -t rsa -b 4096 -C "[email protected]"When prompted:
- Save to default location (
%USERPROFILE%\.ssh\id_ed25519orid_rsa) - Set a strong passphrase
This creates two files:
- Private key:
id_ed25519(no extension) - Public key:
id_ed25519.pub
3. Store in Bitwarden
Step 1. Open Bitwarden and create a new Secure Note
Step 2. Title: “SSH Key - [Purpose]” (e.g., “SSH Key - Work Laptop 2024”)
Step 3. Add attachments:
- Browse to
%USERPROFILE%\.ssh\ - Attach both
id_ed25519andid_ed25519.pub
Step 4. Add to notes:
Server: example.com
Username: myuser
Key Type: Ed25519
Created: [Date]
Passphrase: [your-passphrase]
Public Key:
[paste contents of id_ed25519.pub here]
Usage:
1. Download private key
2. Save to ~/.ssh/id_ed25519
3. Set permissions: chmod 600 ~/.ssh/id_ed25519Step 5. Add tags: “ssh”, “credentials”, “work” Step 6. Save
4. Deploy to Server
Copy your public key to the server:
# Method 1: Using ssh-copy-id (if available)
ssh-copy-id -i ~/.ssh/id_ed25519.pub username@example.com
# Method 2: Manual copy
type $env:USERPROFILE\.ssh\id_ed25519.pub | ssh username@example.com "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"Verify the connection:
ssh -i $env:USERPROFILE\.ssh\id_ed25519 username@example.com5. Recovery Process
If you need to recover access from a new device:
Step 1. Install OpenSSH client if not present:
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0Step 2. Create SSH directory:
mkdir -p $env:USERPROFILE\.sshStep 3. Download private key from Bitwarden
Step 4. Save as %USERPROFILE%\.ssh\id_ed25519
Step 5. Set correct permissions:
icacls "%USERPROFILE%\.ssh\id_ed25519" /inheritance:r /grant:r "%USERNAME%":"F"Step 6. Test connection:
ssh -i $env:USERPROFILE\.ssh\id_ed25519 username@example.comStep 7. After recovery, generate new keys and update servers
Connecting to Servers with SSH Keys
Step 1. Basic connection with default key location:
ssh username@192.168.1.100Step 2. Specify a different port (e.g., 10322):
ssh -p 10322 username@192.168.1.100Step 3. Explicitly specify which key to use:
ssh -i $env:USERPROFILE\.ssh\id_ed25519 username@192.168.1.100Step 4. For multiple servers/keys, create a config file at %USERPROFILE%\.ssh\config:
Host myserver1
HostName 192.168.1.100
User username
Port 22
IdentityFile ~/.ssh/id_ed25519
Host myserver2
HostName 192.168.1.200
User otheruser
Port 10322
IdentityFile ~/.ssh/id_rsaThen connect using the alias:
ssh myserver1💡 Tip: After adding your key to a server, you won’t need to enter a password. You’ll only need the key’s passphrase (if you set one).