Keys

How to share OpenSSH keys with WSL in Windows

Here is how you can share your SSH keys between Windows 11/10 and WSL 2 if you don't want to copy over your ssh keys from Windows to WSL 2 Linux, or generate new ones.

Home » How to share OpenSSH keys with WSL in Windows

The SSH config directive IdentityFile specifies a file from which the user’s DSA, ECDSA, authenticator-hosted ECDSA, Ed25519, authenticator hosted Ed25519 or RSA authentication identity is read. You can use this to share your Windows OpenSSH key with WSL. Assuming you’ve created a key pair in Windows using ssh-keygen.

Don’t want to copy over your ssh keys from Windows to WSL 2 Linux? Or generate new ones? Then share your Windows OpenSSH key with WSL 2! The OpenSSH config gives you the option to share keys using an IdentityFile directive. Here is everything about sharing SSH keys between Windows and WSL 2.

First start with creating a symlink in WSL from ~/.ssh to /mnt/c/Users/exampleuser/.ssh/. Substitute “exampleuser” with your user name:

ln -s /mnt/c/Users/exampleuser/.ssh ~/.ssh

Next, create a file /etc/wsl.conf, and add the following contents:

[automount]
options = "metadata,mask=22,fmask=11"

This is required because Linux uses a different user/group system than Windows does, and using this automount option adds specific metadata. Source: Chmod/Chown WSL Improvements. You also have to fix file permissions on ~/.ssh, the keys and config files:

chmod 600 ~/.ssh
chmod 644 ~/.ssh/id_ed25519
chmod 644 ~/.ssh/config

Last, open up your ssh config file in Windows, which is located in C:\Users\exampleuser\.ssh, and add two IdentityFile lines. One using your Windows path and one the WSL Linux path:

Host *.example.org
  IdentityFile	c:/users/exampleuser/.ssh/id_ed25519
  IdentityFile	/mnt/c/Users/exampleuser/.ssh/id_ed25519
  User exampleuser
  ForwardAgent yes

ForwardAgent specifies whether the connection to the authentication agent (if any) will be forwarded to the remote machine. If you have the ssh-agent service running in Windows, you can use this to connect to a host where you don’t have an authorized_keys available yet by ssh’ing into a jump host. Use with caution.

See also  Add VirtIO drivers to Windows Recovery Environment (Windows RE)

Did you like this post?

Please take a second to support Sysadmins of the North and donate!

Your generosity helps pay for the ongoing costs associated with running this website like coffee, hosting services, library mirrors, domain renewals, time for article research, and coffee, just to name a few.

Also read:

Tags
0 0 votes
Article Rating
Subscribe
Notify of
guest
4 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
trackback
Windows 11 and WSL 2 DevOps environment - Sysadmins of the North
2025-09-16 10:24 am

[…] directive pointing to my Windows .ssh/id_ed25519 file using a Linux path. That is because I share OpenSSH keys with WSL in Windows 10. Doing so there is no need for having separate key files for Windows and Linux/WSL. Or is […]

0
Reply
trackback
Install OpenSSH in Windows Server - Sysadmins of the North
2025-09-26 8:37 am

[…] Tunnel RDP through SSH & PuTTY, or learn how to share OpenSSH keys with WSL in Windows 10 […]

0
Reply
trackback
YubiKey support in OpenSSH for Windows 11 - Sysadmins of the North
2025-09-26 9:57 am

[…] I’ll add instructions to this post how to share OpenSSH keys with WSL2, create a dedicated WSL OpenSSH config and how to use that specific WSL 2 OpenSSH config file for […]

0
Reply
trackback
Tunnel RDP through SSH & PuTTY - Sysadmins of the North
2025-09-26 10:29 am

[…] Share OpenSSH keys with WSL in Windows […]

0
Reply

Related Posts