Appearance

Setting Up SSH Keys & Config (for macOS and Windows)

When you start working with remote servers or cloud instances, you’ll often use SSH (Secure Shell) to connect securely. Instead of typing your password every single time, you can set up an SSH key — a much faster and safer way to log in.

Let's go through how to set it up on both macOS and Windows — clearly, simply, and with some practical tips along the way.

Important Note: Remote System Access Required

Important Note: To connect your local system to a remote system, you must have access to the remote system and ensure it is properly configured with an SSH server running. If you currently lack access to a remote system, you can still review all the sections in this and upcoming pages to gain a solid understanding before implementing it when you have access to a remote server.

What Is an SSH Key?

Think of an SSH key as a digital ID card that lets a remote server recognize and trust your computer. It has two parts:

  • Public key → shared with the remote server (like adding your name to the guest list)
  • Private key → stays safe on your computer (like your ID card that you never hand over)

When you connect, your system uses your private key to prove who you are — the server checks it against your public key, and if they match, you’re in.

macOS Setup

Step 1 — Check if you already have SSH keys

Open Terminal and run:

bash
ls ~/.ssh

If you see files like id_ed25519 and id_ed25519.pub, you already have a key pair. If not, let’s create one.

Step 2 — Create a new SSH key pair

Run:

bash
ssh-keygen -t ed25519 -C "youremail@example.com"

If your Mac is older and doesn’t support ed25519, use:

bash
ssh-keygen -t rsa -b 4096 -C "youremail@example.com"

Press Enter to accept the default file location (/Users/yourname/.ssh/id_ed25519). You’ll then be asked to set a passphrase — this is optional. Leave it blank for convenience or add one for extra security.

Step 3 — Add your key to the SSH agent

Run these commands:

bash
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519

Your Mac will now automatically use this key when connecting to servers.

Step 4 — Copy your public key to the remote server

If ssh-copy-id is available, use:

bash
ssh-copy-id username@server_ip

If not, copy it manually:

  1. View your public key:

    bash
    cat ~/.ssh/id_ed25519.pub

  2. Copy everything printed and paste it into your remote server’s file:

    ~/.ssh/authorized_keys

Now try logging in:

bash
ssh username@server_ip

You should connect instantly without entering a password.

Step 5 — (Optional) Create an SSH config file

If you connect to multiple servers, create a config file to save their details.

bash
nano ~/.ssh/config

Add:

Host myserver
    HostName 192.168.1.20
    User ubuntu
    IdentityFile ~/.ssh/id_ed25519

Now you can connect with just:

bash
ssh myserver

Windows Setup

Modern versions of Windows 10 and Windows 11 include SSH built right into PowerShell, so you don’t need to install or use WSL.

Step 1 — Open PowerShell and check for SSH keys

Open PowerShell and type:

bash
dir $env:USERPROFILE\.ssh

If you see files like id_ed25519 or id_ed25519.pub, you already have keys. If not, let’s make them.

Step 2 — Create a new SSH key pair

Run this in PowerShell:

bash
ssh-keygen -t ed25519 -C "youremail@example.com"

When it asks where to save the key, just press Enter to use the default path:

C:\Users\<YourUsername>\.ssh\id_ed25519

You can set a passphrase (optional) or leave it blank.

Step 3 — Add your key to the SSH agent

Start the SSH agent service and add your key:

bash
Start-Service ssh-agent
ssh-add $env:USERPROFILE\.ssh\id_ed25519

This keeps your key ready for future SSH connections.

Step 4 — Copy your public key to the remote server

View your public key:

bash
Get-Content $env:USERPROFILE\.ssh\id_ed25519.pub

Copy the whole line and paste it into your remote server’s:

~/.ssh/authorized_keys

Now test it:

bash
ssh username@server_ip

If it logs you in without a password, it’s working perfectly.

Step 5 — (Optional) Add shortcuts with SSH config

Create or edit a config file:

bash
notepad $env:USERPROFILE\.ssh\config

Add something like this:

Host myserver
    HostName 192.168.1.20
    User ubuntu
    IdentityFile C:\Users\<YourUsername>\.ssh\id_ed25519

Save and close the file. Now you can just type:

bash
ssh myserver

and you’ll connect right away — no need to remember IPs or usernames.

Notes

  • Keep your private key safe — never share or upload it anywhere.
  • Your public key (the one ending in .pub) is safe to share with servers or GitHub.
  • Both macOS Terminal and Windows PowerShell have SSH built in — no need for extra software.
  • For cloud providers (AWS, GCP, DigitalOcean), you can upload your public key once, and it’ll work for all your instances.
  • If something breaks, you can always delete your old keys and generate new ones — it’s quick and safe.

Summary

Setting up SSH keys simplifies and secures your connection to remote servers. This guide covers creating and managing SSH keys on macOS and Windows, including generating key pairs, adding them to the SSH agent, and configuring shortcuts for multiple servers. Follow these steps to streamline your workflow and enhance security.