Let’s see how to install OpenSSH server functionality in Windows 10 1903 (the procedure is the same in Windows Server 2019).
The OpenSSH package (such as RSAT) is added to these (and newer) versions of Windows as a feature on demand (FoD).
If you have direct access to the Internet, you can install OpenSSH using PowerShell :
Windows capability added – OpenSSH.Server* online name
Or with the DISM:
disassemble /Online /Add-Capability /CapabilityName:OpenSSH.Server~~~~ 0.0.1.0
You can also install OpenSSH on Windows 10 via the control panel (Applications -> Applications and Features -> Manage Advanced Features -> Add Feature). Find Open SSH Server in the list and click Install.
To verify that the OpenSSH server is installed, run the command :
Get-WindowsCapability – online? The name is as OpenSSH.Ser*.
After installing the OpenSSH server in Windows, you must change the sshd service startup type to automatic and start the service via PowerShell :
Set-Service -Name sshd -StartupType ‘Automatic’
Use netstat to check if the SSH server is running and listen on TCP port 22 for a connection:
netstat -na| find :22
Verify that the Windows Defender firewall allows incoming connections to Windows on TCP port 22:
Get-NetFirewallRule -Name *OpenSSH-Server* |select Name, DisplayName, Description, Enabled.
Name Display Name Description Enabled
—- ———– ——-
OpenSSH Server-In-TCP OpenSSH SSH Server (sshd) Incoming rule for OpenSSH SSH Server (sshd) True
If a rule is disabled (Enabled=False) or does not exist, you can create a new incoming rule with the New-NetFirewallRule command:
New-NetFirewallRule -Name sshd -DisplayName ‘OpenSSH Server (sshd)’. -Allowed where -Directional incoming -Protocol TCP -Action permitted -LocalPort 22
By default, these directories contain important components of OpenSSH :
- The OpenSSH server binaries: C:WindowsSystem32OpenSSH
- sshd_config (created after first boot) : C:ProgramDatassh
- OpenSSH Journal: C:windowssystem32OpenSSHlogssshd.log
- File with authorized_keys and : %USERPROFILE%.ssh
After installing OpenSSH, a new local user (sshd) is created on the computer.
You can change the OpenSSH server settings in the configuration file: %programdata%sshsshd_config.
All the way to the z. For example, to prohibit SSH connections for a specific domain user account (or all domain users), add these directives to the end of the :
Deniers contoso.com [email protected] Deniers corp*
Allow SSH connection only for a specific group of domains :
You can also give access to the local group:
You can deny access to accounts with administrator rights. In this case, if you need to perform preference interventions in your SSH session, you should use runas.
Directors of DenyGroups
The following guidelines provide access to SSH with RSA keys and passwords:
Bluetooth authentication yes
Password authentication yes
You can change the port on which OpenSSH receives connections in the port directive in the sshd_config file.
After making changes to the sshd_config file, the sshd service must be restarted:
Restart of the service
You can now try to connect to Windows 10 via the SSH client.
The first time you connect, you will be prompted to add the host to the list of known SSH hosts.
Click Yes and log in to Windows 10 as a Windows user.
If the SSH connection is successful, the cmd.exe shell is started with a command prompt.
C: User Admin>
You can run various commands, scripts or applications from the command line.
I prefer to work in the PowerShell console. To get started, run this command:
To change the default cmd.exe shell to PowerShell for OpenSSH, make changes to the registry using the following PowerShell command:
New-ItemProperty -Path HKLM:SOFTWARE -Default NameShell -Value C:WindowsSystem32WindowsPowerShellv1.0powershell.exe -PropertyType string -Force
Restart the SSH connection and verify that PowerShell is now used as the default SSH shell (this is indicated in PS C:Usersadmin>).
The PowerShell console ran during your SSH session and the familiar functions work there: Tabs for automatic data entry, PSReadLine color marking, order history, etc. If the current user is a member of the local administrator group, all session commands are scaled, even if user account control is enabled.
windows openssh, openssh windows server 2016, windows 10 ssh config, windows 10 openssh server not installing, install openssh windows server 2012, windows openssh server login, openssh-win64, windows 7 ssh server