Generate SSH Keys and use them in GitHub¶

This guide will walk you through creating a secure SSH key pair, adding it to the SSH agent, and connecting it to your GitHub account using Windows PowerShell. SSH keys provide a secure way to authenticate with GitHub and avoid entering your password for every git operation.

SSH keys are a way to authenticate securely to GitHub without using a password. This guide covers the process for Windows users using PowerShell.

Step 1: Check for Existing SSH Keys¶

Open PowerShell and list existing keys:

ls ~/.ssh/

Typical SSH key files have names like id_rsa, id_ed25519, or custom names.

If you see files ending with .pub (such as id_ed25519.pub), you already have public keys.
If you see private keys (without .pub), you can use them or generate a new one.
If there are no files, proceed to generate a new key.

Note

If you already have keys then you need to be care as these steps will create new ones. Any easy option is to create the new SSH keys with distinct name so they do not override existing keys

Step 2: Generate a New SSH Key Pair¶

In your Powershell, run:

ssh-keygen -t ed25519 -C "your_email@example.com"

Replace "your_email@example.com" with your actual email address.
Ed25519 is recommended for security and performance.

When prompted:

Enter file in which to save the key
- Press Enter to accept the default (~/.ssh/id_ed25519)
- Or type a custom name (e.g., ~/.ssh/github_ed25519) if you want to keep keys organized per service.
Enter passphrase (optional)
For extra security, enter a strong passphrase.
Or, press Enter to leave blank (not recommended for critical use).

Sample output:

Generating public/private ed25519 key pair.
Enter file in which to save the key (/c/Users/YourUser/.ssh/id_ed25519):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /c/Users/YourUser/.ssh/id_ed25519
Your public key has been saved in /c/Users/YourUser/.ssh/id_ed25519.pub

Step 3: Add Your SSH Key to the ssh-agent¶

PowerShell¶

Start the SSH agent:

Start-Service ssh-agent

Enable automatic start (optional):

Get-Service ssh-agent | Set-Service -StartupType Automatic

Add your SSH key (replace with your actual filename if you used a custom name):

ssh-add ~/.ssh/id_ed25519

Warning

If you get an error starting the ssh-agent then you may need to use PowerShell in Administrator mode

Step 4: Add Your SSH Key to GitHub¶

Copy the public key to your clipboard (Use the correct file name: if custom, change accordingly)

Get-Content ~/.ssh/id_ed25519.pub | clip

Add the key to GitHub:
- Go to GitHub.com
- Click your profile photo (top right) → Settings
- In the sidebar, select SSH and GPG keys
- Click New SSH key
- Set a title (e.g., "Work Laptop - Windows 11")
- Paste your key into the Key field
- Click Add SSH key

Step 5: Test Your SSH Connection¶

Verify your setup:

ssh -T git@github.com

Expected output:

Hi username! You've successfully authenticated, but GitHub does not provide shell access.

If you see "access denied" or similar errors, see the troubleshooting section.

Troubleshooting¶

Access denied or permission errors¶

Double-check you added the correct public key to GitHub.
Ensure ssh-agent is running and your key is added (ssh-add -l shows loaded keys).
Make sure you are copying the .pub file, not the private key!

Multiple keys or custom key names¶

If you have several keys, specify which key to use by editing (or creating) an SSH config file:
Save as ~/.ssh/config
Make sure its saved as UTF-8 encoding

Host github.com
  HostName github.com
  User git
  IdentityFile ~/.ssh/github_ed25519
  AddKeysToAgent yes

Permission denied (publickey)¶

Ensure your key file permissions are correct:

chmod 600 ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519.pub

Agent not starting / Windows issues¶

Restart your computer.
Make sure you’re using compatible terminals (latest PowerShell, Git Bash).

Security Reminder:
Never share your private SSH key! Always keep it secure and backed up.