Installing OpenSSH for Windows

In this post we will look at how to install Microsoft official version of OpenSSH for Windows. This guid was prepared for Windows 10.

• Download the OpenSSH Windows binaries (https://github.com/PowerShell/Win32-OpenSSH/releases/) and extract it into C:\Program Files\OpenSSH
• Open terminal as administrator and go to the folder:
  [pre class="brush:bash"]cd C:\Program Files\OpenSSH[/pre]
• Install sshd and ssh-agent services
  [pre class="brush:bash"]powershell.exe -ExecutionPolicy ByPass -File .\install-sshd.ps1[/pre]
• Setup SSH host keys (generate all the 'host; keys that sshd expects when it starts)
  [pre class="brush:bash"].\ssh-keygen.exe -A[/pre]
• Securing the SSH host keys
• Start service ssh-agent (Control Panel -> Administrative Tools -> Services -> ssh-agent -> Start the service)
• Download PsExec.exe (https://technet.microsoft.com/en-us/sysinternals/pxexec.aspx?f=255&MSPPError=-2147217396)
• Launch terminal as administrator and enter the following command after going into the folder [pre class="brush:bash"]psexec.exe -i -s cmd.exe[/pre]
• A new cmd window will open and enter the following commands to encrypt the keys (after going into the OpenSSH folder) [pre class="brush:bash"]ssh-add ssh_host_dsa_key
  ssh-add ssh_host_rsa_key
  ssh-add ssh_host_ecdsa_key
  ssh-add ssh_host_ed25519_key
  [/pre]
• Host keys are now securely stored by the ssh-agent, private key files can be now removed
• Create an inbound firewall rule to allow ssh traffic[pre class="brush:bash"]netsh advfirewall firewall add rule name='SSH Port' dir=in action=allow protocol=TCP localport=22[/pre]
• If you are going to be doing key-based authentication, run the following setup the key-auth package [pre class="brush:bash"]Powershell.exe -ExecutionPolicy ByPass -File .\install-sshlsa.ps1[/pre]
• Restart the computer
• Start the service and/or configure automatic start:
• Go to Control Panel > System and Security > Administrative Tools and open Services. Locate SSHD service.
• If you want the server to start automatically when your machine is started: Go to Action > Properties. In the Properties dialog, change Startup type to Automatic and confirm.
• If you want to restart these services when they crash (double click on sshd -> Recovery -> Select all failures to "Restart the service"
• Start the SSHD service by clicking the Start the service.
• Connecting to the server
• In Moba Xterm, Open sessions -> select SFTP and then provide the IP address and the user name and connect as usual.

References:

https://winscp.net/eng/docs/guide_windows_openssh_server
https://github.com/PowerShell/Win32-OpenSSH/wiki/Install-Win32-OpenSSH

http://stackoverflow.com/questions/4037939/powershell-says-execution-of-scripts-is-disabled-on-this-system

You may also interested in reading: