In this post we will look at how to install Microsoft official version of OpenSSH for Windows. This guid was prepared for Windows 10.
- Download the OpenSSH Windows binaries (https://github.com/PowerShell/Win32-OpenSSH/releases/) and extract it into C:\Program Files\OpenSSH
- Open terminal as
administrator and go to the folder:
[pre class="brush:bash"]cd C:\Program Files\OpenSSH[/pre]
- Install sshd and ssh-agent
[pre class="brush:bash"]powershell.exe -ExecutionPolicy ByPass -File .\install-sshd.ps1[/pre]
- Setup SSH host keys (generate all the 'host; keys that sshd expects when it starts)
[pre class="brush:bash"].\ssh-keygen.exe -A[/pre]
- Securing the SSH host keys
- Start service ssh-agent (Control Panel -> Administrative Tools -> Services -> ssh-agent -> Start the service)
- Download PsExec.exe (https://technet.microsoft.com/en-us/sysinternals/pxexec.aspx?f=255&MSPPError=-2147217396)
- Launch terminal as administrator and enter the following command after going into the folder [pre class="brush:bash"]psexec.exe -i -s cmd.exe[/pre]
- A new cmd window will open and enter the following commands to encrypt the keys (after going into the OpenSSH folder) [pre class="brush:bash"]ssh-add ssh_host_dsa_key
- Host keys are now securely stored by the ssh-agent, private key files can be now removed
- Create an inbound firewall rule to allow ssh traffic[pre class="brush:bash"]netsh advfirewall firewall add rule name='SSH Port' dir=in action=allow protocol=TCP localport=22[/pre]
- If you are going to be doing key-based authentication, run the following setup the key-auth package [pre class="brush:bash"]Powershell.exe -ExecutionPolicy ByPass -File .\install-sshlsa.ps1[/pre]
- Restart the computer
- Start the service and/or configure automatic start:
- Go to Control Panel > System and Security > Administrative Tools and open Services. Locate SSHD service.
- If you want the server to start automatically when your machine is started: Go to Action > Properties. In the Properties dialog, change Startup type to Automatic and confirm.
- If you want to restart these services when they crash (double click on sshd -> Recovery -> Select all failures to "Restart the service"
- Start the SSHD service by clicking the Start the service.
- Connecting to the server
- In Moba Xterm, Open sessions -> select SFTP and then provide the IP address and the user name and connect as usual.