OpenSSH installation and use under Windows

OpenSSH is the open source version of the Secure Shell (SSH) tool used by administrators of Linux and other non-Windows systems to manage remote systems across platforms. OpenSSH was added to Windows in fall 2018 and is included in Windows 10 and Windows Server 2019.

SSH is based on a client-server architecture, where the system the user works on is the client and the remote system being managed is the server. OpenSSH includes a range of components and tools to provide a secure and simple method of remote system administration, including:

  • sshd.exe: the SSH server component, which must be running on the remotely managed system
  • ssh.exe: the SSH client component, which runs on the user's local system
  • ssh-keygen.exe: generates, manages, and converts authentication keys for SSH
  • ssh-agent.exe: stores the private keys used for public key authentication
  • ssh-add.exe: adds private keys to the list allowed by the server
  • ssh-keyscan.exe: helps collect public SSH host keys from many hosts
  • sftp.exe: the service that provides the Secure File Transfer Protocol and runs over SSH
  • scp.exe: a file copy utility that runs over SSH

Install

To install OpenSSH using PowerShell, first run PowerShell as an administrator. To make sure OpenSSH is available, run the following cmdlet:

Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'

If neither has been installed, this operation should return the following output:

Name  : OpenSSH.Client~~~~0.0.1.0
State : NotPresent

Name  : OpenSSH.Server~~~~0.0.1.0
State : NotPresent

Then, install the server or client components as needed:

# Install the OpenSSH client
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

# Install OpenSSH server
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

Both should return the following output:

Path          :
Online        : True
RestartNeeded : False

Start and configure

To start and configure the OpenSSH server for use, open PowerShell as an administrator and run the following commands. They start the sshd service, set it to start automatically, and make sure the inbound firewall rule for port 22 exists:

# start the sshd service
Start-Service sshd

# Set the sshd service to run automatically
Set-Service -Name sshd -StartupType 'Automatic'

# Check that the inbound firewall rule for port 22 exists; create it if it does not
if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue | Select-Object Name, Enabled)) {
    Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
    New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
} else {
    Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
}

Connect to the server

Once the server is installed, you can connect to it from PowerShell on any Windows 10 or Windows Server 2019 device that has the OpenSSH client installed, as shown below. Be sure to run PowerShell as administrator:

ssh username@servername

You can test the connection locally on the server itself by connecting to 127.0.0.1. The user name that Windows displays may differ from the actual account name, so run net user to get the correct user name before connecting.

Once connected, you will receive a message like the following:

The authenticity of host 'servername (10.00.00.001)' can't be established.
ECDSA key fingerprint is SHA256:(<a large string>).
Are you sure you want to continue connecting (yes/no)?

After you answer yes, the server is added to the list of known SSH hosts on the Windows client. You are then prompted for your password. As a security precaution, the password is not displayed as it is typed.

Once connected, you will see the Windows command line interface prompt:

domain\username@SERVERNAME C:\Users\username>
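
Before answering yes to the host key prompt shown above, you can compare the fingerprint it displays with the server's own host keys. The following PowerShell is an added example, not part of the original article; it assumes the host keys are in the default %ProgramData%\ssh directory, and the function names are hypothetical helpers.

```powershell
# Added example (not from the original article). Run on the SSH server.
# Assumption: host keys are in the default directory %ProgramData%\ssh.
# Function names below are hypothetical helpers, not OpenSSH commands.

function Get-SshKeyFingerprint {
    # Fingerprint of one public key line: "<type> <base64 blob> [comment]"
    param([Parameter(Mandatory)][string]$PublicKeyLine)

    $fields = $PublicKeyLine.Trim() -split '\s+'
    if ($fields.Count -lt 2) { throw "Not a public key line: $PublicKeyLine" }

    $blob = [Convert]::FromBase64String($fields[1])
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try { $digest = $sha.ComputeHash($blob) } finally { $sha.Dispose() }

    # OpenSSH shows the SHA-256 digest as base64 without '=' padding.
    [pscustomobject]@{
        KeyType     = $fields[0]
        Fingerprint = 'SHA256:' + [Convert]::ToBase64String($digest).TrimEnd('=')
    }
}

function Get-SshHostFingerprint {
    # Fingerprints of every host public key in the key directory.
    param([string]$KeyDirectory = (Join-Path $env:ProgramData 'ssh'))

    Get-ChildItem -Path $KeyDirectory -Filter 'ssh_host_*_key.pub' -ErrorAction Stop |
        ForEach-Object { Get-SshKeyFingerprint (Get-Content -Path $_.FullName -TotalCount 1) }
}

function Test-SshHostFingerprint {
    # $true only if the fingerprint shown by the client matches a host key.
    param([Parameter(Mandatory)][string]$Expected)

    $match = Get-SshHostFingerprint | Where-Object { $_.Fingerprint -ceq $Expected.Trim() }
    return [bool]$match
}

# List the server's fingerprints, then compare the value copied from the
# client's prompt (the string below is a placeholder, replace it).
Get-SshHostFingerprint | Format-Table -AutoSize
Test-SshHostFingerprint -Expected 'SHA256:<fingerprint shown by the client>'
```

Running ssh-keygen -l -f on the same .pub file prints the same fingerprint, which is a quick cross-check. If the comparison returns False, answer no at the client prompt and investigate before connecting.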

Uninstall

# Uninstall the OpenSSH client
Remove-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

# Uninstall OpenSSH server
Remove-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

If the service is in use when uninstalling, you may need to restart Windows later.

Original link: Developer Tools | 7Wate

Posted by SoberDude on Thu, 29 Sep 2022 05:12:09 +0300