How to Send SSH Public Key to Windows Server

For those wondering, “I’ve created a public and private key on the SSH client side, but how do I transfer the public key”?

Saving the SSH public key to a USB memory stick and transferring it to the server is perfectly fine. But if you really want to try sending the key over the network, here’s how you can do it…

How to send SSH public key to Linux server

The generally introduced “ssh-copy-id" command assumes the server is Linux-based. However, this command doesn’t work when the server is Windows.
Here, based on my experience, I’ll introduce a command for cases where the SSH server is running on a Windows machine.

How to send SSH public key to Windows server

Create a directory to save the public key

First, let’s decide a location to save the public key. If the location doesn’t already exist, you’ll need to create the folder before saving the public key.
If you’re saving it to an existing folder, you can skip this step.
If you specify a non-existent path, it will cause an error.

ssh username@hostIPAddress "mkdir C:\pubKey\path"

• username: Login Username for the Windows server
• hostIPAddress: IPAddress for the Windows server
• C:\publey\path: path to the directory you want to save the key
  

Sending the SSH public key

Send the public key to an existing folder on the Windows server. Use the following command. The password will need to be entered only the first time you connect.

ssh username@hostIPAddress "echo $(Get-Content C:\Path\to\id_rsa.pub) >> C:\pubKey\path\authorized_keys"

• username: Login Username for the Windows server
• hostIPAddress: IPAddress for the Windows server
• C:\Path\to\id_rsa.pub: path to the directory saved the public key file in SSH client windows computer
• C:\pubkey\path: Path to the directory you want to save the key in the SSH windows server
• authorized_keys: File name you want to save the pub key
  

Set the sshd_config file

Before starting SSH communication, check and modify the settings in the sshd_config file.

he location of the sshd_config file is typically: C:\ProgramData\ssh\sshd_config

When you open this file, you’ll see various settings. If a line starts with #, it is commented out.

• Password Authentication
  If you want to disable password authentication, change the value to no.
  Remove the # at the beginning of the line.

PasswordAuthentication no

• Pubkey Authentication
  If you want to enable public key authentication, set the value to yes. This will prevent the system from asking for a password during SSH communication.

PubkeyAuthentication yes

• Setting the location to store the public key
  You need to correctly set the location where the public key will be referenced. Since it’s unclear which one will be used, I changed both paths to the correct locations.

AuthorizedKeysFile     C:\pubKey\path\authorized_keys
# In Match Group administrators,
AuthorizedKeyFile　C:\pubKey\path\authorized_keys

• Enable Logging
  When SSH communication isn’t working properly, the logs can be very helpful. Enabling logging will allow logs to be output to a log file.

LogLevel INFO

• Restart sshd
  Open PowerShell and run the following command. To apply the changes of the configuration file, you need to restart sshd.

> Stop-Service -Name sshd
> Start-Service -Name sshd

Test the SSH communication

Running the following command will start the SSH communication. If you can connect to the server without being asked for a password, then everything is set up correctly!

ssh username@hostIPAddress

To end the SSH communication, run the following command:

exit