Home Windows 10 OpenSSH Equivalent of ssh-copy-id
Post
Cancel

Windows 10 OpenSSH Equivalent of ssh-copy-id

At the moment, Windows 10’s implementation of the OpenSSH client does not have the ssh-copy-id command available. However, a PowerShell one-line command can mimic the ssh-copy-id command and allow you to copy an SSH public key generated by the ssh-keygen command to a remote Linux device for passwordless login.

Generate an SSH Key

Note: If you have already generated an SSH keypair that you would like to use, skip this section and proceed to the Copy SSH Key to Remote Linux Device section.

First, open a new PowerShell window (not a Command Prompt window!) and generate a new SSH keypair with the ssh-keygen command. By default, the public and private keys will be placed in the %USERPROFILE%/.ssh/ directory. The public key file we are interested in is named id_rsa.pub.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
PS C:\Users\Christopher> ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\Christopher/.ssh/id_rsa):
Created directory 'C:\Users\Christopher/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in C:\Users\Christopher/.ssh/id_rsa.
Your public key has been saved in C:\Users\Christopher/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:/mjkrJOQbRzCAwlSPYVBNcuxntm/Ms5/MMC15dCRrMc [email protected]
The key's randomart image is:
+---[RSA 2048]----+
|oo.+o==    o.o   |
|. o +. =  o =    |
|   o .+. . B     |
|    +..+o o E    |
|     *+.S. .     |
|    o +...o      |
|     o =. .o     |
|      o.*o ..    |
|      .=+++.     |
+----[SHA256]-----+
PS C:\Users\Christopher>

Copy SSH Key to Remote Linux Device

Next, we use the below PowerShell one-line command to copy the contents of the id_rsa.pub public key to a remote Linux device. Replace the {IP-ADDRESS-OR-FQDN} with the IP address or FQDN (Fully Qualified Domain Name) of the remote Linux device you would like to copy the public key to.

1
type $env:USERPROFILE\.ssh\id_rsa.pub | ssh {IP-ADDRESS-OR-FQDN} "cat >> .ssh/authorized_keys"

An example of this command is shown below. In this example, I am copying the contents of the id_rsa.pub public key to a remote Linux device at IP address 192.168.30.31.

1
2
3
4
5
6
7
PS C:\Users\Christopher> type $env:USERPROFILE\.ssh\id_rsa.pub | ssh 192.168.30.31 "cat >> .ssh/authorized_keys"
The authenticity of host '192.168.30.31 (192.168.30.31)' can't be established.
ECDSA key fingerprint is SHA256:mTD0/WNCVZ/p/PFSkNDmLJtzIGb5eD7qj6erOQkomjM.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.30.31' (ECDSA) to the list of known hosts.
ch[email protected]'s password:
PS C:\Users\Christopher>

Test Passwordless SSH Connectivity to Remote Linux Device

Finally, verify that you can SSH to the remote Linux device with the ssh command. An example to a remote Linux device at IP address 192.168.30.31 is shown below. Note how a password did not need to be entered in order for us to establish SSH connectivity to the remote Linux device.

1
2
3
4
PS C:\Users\Christopher> ssh 192.168.30.31
Last login: Sat May 23 12:44:51 2020 from 192.168.10.139
[[email protected] ~]$ who
christopher pts/0        2020-05-24 19:35 (192.168.10.113)

References

The instructions for this blog post were heavily inspired by Scott Hanselman’s blog post on the subject.

This post is licensed under CC BY 4.0 by the author.
Contents

Trending Tags