Windows 10 1809 and Windows Server 2019 have gotten a built-in SSH server primarily based on OpenSSH. In this text we’ll present easy methods to set up and configure an OpenSSH server on Windows 10 and hook up with it remotely over protected SSH protocol (similar to in Linux 🙂 ).
How to Install OpenSSH Server on Windows?
Let’s see on easy methods to set up OpenSSH Server function on Windows 10 1903 (in Windows Server 2019 the process is identical).
The OpenSSH package deal (like ) is added to those (and newer) Windows variations because the Feature on Demand (FoD).
If you may have a direct Internet entry, you may set up OpenSSH utilizing PowerShell:
Add-WindowsCapability -Online -Name OpenSSH.Server*
Or utilizing DISM:
dism /Online /Add-Capability /CapabilityName:OpenSSH.Server~~~~zero.zero.1.zero
You may also set up OpenSSH on Windows 10 by the Settings panel (Apps -> Apps&Features -> Manage non-obligatory options -> Add a function). Find Open SSH Server within the record and click on Install.
To be sure that the OpenSSH server has been put in, run the command:
Get-WindowsCapability -Online | ? Name -like 'OpenSSH.Ser*'
State : Installed
Configure SSH Server on Windows 10/Windows Server 2019
After you may have put in OpenSSH server in Windows, you have to change sshd service startup kind to computerized and :
Set-Service -Name sshd -StartupType 'Automatic'
Using netstat, guarantee that the SSH server is working and ready for the connections on TCP port 22:
netstat -na| discover ":22"
Make positive that Windows Defender Firewall permits inbound connections to Windows by TCP port 22:
Get-WebFirewallRule -Name *OpenSSH-Server* |choose Name, ShowName, Description, Enabled
Name ShowName Description Enabled ---- ----------- ----------- ------- OpenSSH-Server-In-TCP OpenSSH SSH Server (sshd) Inbound rule for OpenSSH SSH Server (sshd) True
If the rule is disabled (Enabled=False) or lacking, you may :
New-WebFirewallRule -Name sshd -ShowName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -NativePort 22
By default, necessary OpenSSH elements are situated in these folders:
- OpenSSH Server executables:
- The sshd_config file (created after the primary service startup):
- OpenSSH log:
- The authorized_keys file and keys:
After OpenSSH set up, a brand new (sshd) is created on the pc.
OpenSSH Server Configuration File (sshd_config)
You can change your OpenSSH server settings within the config file: %programdatapercentsshsshd_config.
For instance, to disclaim SSH connection for the precise area consumer account (or all area customers), add these directives to the tip of the file:
DenyUsers [email protected] DenyUsers corp*
To enable SSH connection to the precise area group solely:
Or you may enable entry to a neighborhood group:
You can deny entry to the accounts with the administrator privileges. In this case, if it is advisable to carry out any privileged actions in your SSH session, you’ll have to use .
The following directives enable SSH entry utilizing RSA keys and passwords (we’ll look on easy methods to use RSA keys to entry Windows by SSH within the subsequent article intimately):
PubkeyAuthentication sure PasswordAuthentication sure
You can change the port OpenSSH receives connections to within the Port directive of the sshd_config file.
How to Connect to Windows 10 via SSH?
Now you may strive to hook up with your Windows 10 by the SSH consumer (I’m utilizing PuTTY, however you need to use a built-in Windows SSH consumer as an alternative).
At the primary connection, an ordinary request so as to add the host to the record of identified SSH hosts will seem.
Click Yes, and logon to your Windows 10 underneath Windows consumer.
If the SSH connection is profitable, the cmd.exe shell will begin with a immediate string.
[email protected] C:Usersadmin>
You can run completely different instructions, scripts or apps within the command immediate.
I favor working within the PowerShell console. To begin it, run this command:
In order to vary the default cmd.exe shell to PowerShell for OpenSSH, make :
New-ItemProperty -Path "HKLM:SOFTWAREOpenSSH" -Name DefaultShell -Value "C:WindowsSystem32WindowsPowerShellv1.0powershell.exe" -PropertyType String –Force
Restart your SSH connection and guarantee that PowerShell is now used as a default SSH shell (that is proven by
The PowerShell console has been began in your SSH session, and acquainted options work in it: tab autocompletion, PSReadLine shade highlighting, , and many others. If the present consumer is a member of the native directors group, all session instructions are executed elevated even when UAC is enabled.