Stop Typing Your
Password Every Time
A real guide to SSH keys on Linux, Mac, and Windows
I used to type my server password probably a dozen times a day. Then one afternoon I finally sat down and set up SSH keys, and I genuinely could not believe I had waited so long. It took maybe ten minutes. Now I just type ssh user@server and I'm in — no password, no friction.
Here's the thing: the guides out there are either too simple (they just show you one command) or too long (they explain cryptography for 20 paragraphs before getting to the point). This is neither. This is the guide I wish I'd had — covering Linux, Mac, and Windows side by side, with a clear comparison at the end.
Let's get into it.
First — What Actually Are SSH Keys?
When you SSH into a server, you need to prove you're you. Normally that's a password. SSH keys do the same job, but with cryptography instead.
You get two files:
- Private key — lives on your machine, never leaves it
- Public key — goes on the server you want to access
When you connect, the server checks if your private key matches the public key it has on file. Match? You're in. No password needed.
The padlock analogy: Give the server your padlock (public key). Keep the key to open it (private key). Anyone can have the padlock — only you can open it.
Linux
SSH Keys on Linux
Linux is where SSH was born, and every distro — Ubuntu, Debian, Fedora, Arch, you name it — ships with OpenSSH pre-installed. Open your terminal and you're ready to go right now.
Step by step
Generate your key pair Run this in your terminal. That's all you need to start.
ssh-keygenIt'll ask where to save it — just hit Enter for the default (
~/.ssh/id_rsa). Then it asks for a passphrase. Optional, but smart if you're on a shared machine.Copy your public key to the server Linux has a beautiful little command for this:
ssh-copy-id user@your-server-ipEnter your server password one last time. This is the last time you'll ever need it.
Test it
ssh user@your-server-ipYou should land straight in. No password prompt. First time this happens feels weirdly satisfying.
Your key files
They live in ~/.ssh/:
id_rsa— your private key. Guard it.id_rsa.pub— your public key. Safe to share with servers.
Never copy id_rsa anywhere. If someone gets your private key, they get access to every server that trusts it.
macOS
SSH Keys on macOS
Every Mac comes with SSH pre-installed. Always has. You don't need Homebrew or any extra tools. Just open Terminal — Cmd + Space, type "Terminal" — and you're already set up.
The process is nearly identical to Linux, which is no surprise since macOS is Unix under the hood.
Step by step
Open Terminal and generate your key
ssh-keygenDefault location is
~/.ssh/id_rsa. Press Enter to accept. Passphrase is optional — worth adding on a laptop that travels with you.Copy your public key to the server
ssh-copy-id user@your-server-ipSame command as Linux. Type your password this one last time.
Test it
ssh user@your-server-ipStraight in. Done.
Mac tip: You can add your key to the macOS Keychain so you don't have to re-enter your passphrase after every reboot: ssh-add --apple-use-keychain ~/.ssh/id_rsa
Your key files
Same as Linux — they live in ~/.ssh/ in your home folder. Private key is id_rsa, public key is id_rsa.pub.
Windows
SSH Keys on Windows
Windows used to be annoying for this — you had to install PuTTY and deal with a completely different key format. But since Windows 10, OpenSSH is built right in. Same commands, same flow, no extra software needed.
First — check that OpenSSH is installed
Open PowerShell (search for it in the Start menu) and run:
ssh -VSee a version number? You're good. If not, go to Settings → Apps → Optional Features and install "OpenSSH Client".
Step by step
Generate your key pair in PowerShell
ssh-keygenKeys will be saved to
C:\Users\YourName\.ssh\by default. Hit Enter to accept. Add a passphrase or skip it — your call.Copy your public key to the server Windows doesn't have
ssh-copy-idbuilt in, so use this instead:type $env:USERPROFILE\.ssh\id_rsa.pub | ssh user@your-server-ip "cat >> ~/.ssh/authorized_keys"Yeah, it's a mouthful. Copy-paste it. You'll enter your server password one last time here.
Test it
ssh user@your-server-ipIn without a password. It works.
Your key files (Windows)
Located at C:\Users\YourName\.ssh\:
id_rsa— private key. Don't share.id_rsa.pub— public key. Goes on servers.
WSL users: If you use Windows Subsystem for Linux, the Linux steps work perfectly inside WSL. Most developers prefer that path.
Side-by-Side Comparison
All three platforms — same task, different details.
| What | 🐧 Linux | 🍎 macOS | 🪟 Windows |
|---|---|---|---|
| SSH pre-installed? | Yes, always | Yes, always | Yes (Win 10/11) |
| Where to run commands | Terminal | Terminal | PowerShell |
| Generate key command | ssh-keygen | ssh-keygen | ssh-keygen |
| Copy key to server | ssh-copy-id user@host | ssh-copy-id user@host | Long type | ssh command |
| Key location | ~/.ssh/ | ~/.ssh/ | C:\Users\You\.ssh\ |
| Private key file | id_rsa | id_rsa | id_rsa |
| Public key file | id_rsa.pub | id_rsa.pub | id_rsa.pub |
| Keychain/agent support | ssh-agent | macOS Keychain | Windows ssh-agent |
| Overall difficulty | Easy | Easy | Medium |
The Rules — Don't Skip These
Never share your private key
The private key (id_rsa) is your identity. If someone gets it, they get into every server that trusts it. Treat it like a password — actually, treat it better.
Back it up
If you lose your private key and the server only allows key-based logins, you're locked out. Keep a secure backup somewhere you won't lose it.
Use a passphrase on laptops
A passphrase on your private key adds one more layer. If your laptop is stolen, the key alone isn't enough to get in.
Only share the .pub file
The public key (id_rsa.pub) is the only thing that goes on servers. Everything else stays on your machine.
That's Actually It
Ten minutes to set up. Years of typing passwords saved. SSH keys are one of those things where the payoff is wildly disproportionate to the effort required — you do it once and then it just quietly works in the background forever.
Whichever platform you're on — Linux, Mac, or Windows — the core idea is the same: run ssh-keygen, copy your public key to the server, test the connection. That's the whole thing.
Now go set it up. Future you will be grateful.