How To Enable Ssh On Windows Server 2016
Windows 10 1809 and Windows Server 2019 take got a built-in SSH server based on OpenSSH. In this commodity we'll evidence how to install and configure an OpenSSH server on Windows 10 and connect to it remotely over protected SSH protocol (just like in Linux 🙂 ).
Contents:
- How to Install OpenSSH Server on Windows?
- Configure SSH Server on Windows ten/Windows Server 2019
- OpenSSH Server Configuration File (sshd_config)
- How to Connect to Windows 10 via SSH?
How to Install OpenSSH Server on Windows?
Let'due south see on how to install OpenSSH Server feature on Windows ten 1903 (in Windows Server 2019 the procedure is the same).
The OpenSSH package (like RSAT) is added to these (and newer) Windows versions as the Feature on Demand (FoD).
If you have a direct Internet admission, yous can install OpenSSH using PowerShell:
Add-WindowsCapability -Online -Name OpenSSH.Server*
Or using DISM:
dism /Online /Add-Capability /CapabilityName:OpenSSH.Server~~~~0.0.1.0
You can also install OpenSSH on Windows x through the Settings panel (Apps -> Apps&Features -> Manage optional features -> Add together a feature). Find Open SSH Server in the list and click Install.
To brand certain the OpenSSH server has been installed, run the command:
Get-WindowsCapability -Online | ? Name -like 'OpenSSH.Ser*'
State : Installed
Configure SSH Server on Windows 10/Windows Server 2019
After yous have installed OpenSSH server in Windows, you must change sshd service startup type to automatic and start the service using PowerShell:
Fix-Service -Name sshd -StartupType 'Automatic'
Start-Service sshd
Using netstat, make sure that the SSH server is running and waiting for the connections on TCP port 22:
netstat -na| find ":22"
Make certain that Windows Defender Firewall allows inbound connections to Windows through TCP port 22:
Get-NetFirewallRule -Proper name *OpenSSH-Server* |select Proper name, DisplayName, Description, Enabled
Name DisplayName Description Enabled ---- ----------- ----------- ------- OpenSSH-Server-In-TCP OpenSSH SSH Server (sshd) Inbound dominion for OpenSSH SSH Server (sshd) True
If the rule is disabled (Enabled=False) or missing, you can create a new inbound rule using the New-NetFirewallRule cmdlet:
New-NetFirewallRule -Proper noun sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled Truthful -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
By default, of import OpenSSH components are located in these folders:
- OpenSSH Server executables:
C:\Windows\System32\OpenSSH\ - The sshd_config file (created later on the starting time service startup):
C:\ProgramData\ssh - OpenSSH log:
C:\windows\system32\OpenSSH\logs\sshd.log - The authorized_keys file and keys:
%USERPROFILE%\.ssh\
Later OpenSSH installation, a new local user (sshd) is created on the computer.
OpenSSH Server Configuration File (sshd_config)
You tin can change your OpenSSH server settings in the config file: %programdata%\ssh\sshd_config.
For instance, to deny SSH connexion for the specific domain user account (or all domain users), add together these directives to the end of the file:
DenyUsers woshub\admin@192.168.1.ten DenyUsers corp\*
To allow SSH connexion to the specific domain group only:
AllowGroups woshub\sshadmins
Or you lot can let access to a local grouping:
AllowGroups sshadmins
You can deny admission to the accounts with the administrator privileges. In this case, if you demand to perform whatever privileged actions in your SSH session, you will accept to utilize runas.
DenyGroups Administrators
The following directives allow SSH access using RSA keys and passwords (we'll wait on how to apply RSA keys to access Windows through SSH in the next article in item):
PubkeyAuthentication yes PasswordAuthentication yeah
You can modify the port OpenSSH receives connections to in the Port directive of the sshd_config file.
After making any changes to sshd_config file, you need to restart the sshd service:
restart-service sshd
How to Connect to Windows 10 via SSH?
At present yous can try to connect to your Windows 10 through the SSH client (I am using PuTTY, merely you tin use a built-in Windows SSH client instead).
At the first connection, a standard request to add the host to the list of known SSH hosts volition appear.
Click Aye, and logon to your Windows ten under Windows user.
If the SSH connectedness is successful, the cmd.exe shell will start with a prompt cord.
admin@win10pc C:\Users\admin>
Y'all tin run different commands, scripts or apps in the command prompt.
I prefer working in the PowerShell console. To start information technology, run this command:
powershell.exe
In gild to alter the default cmd.exe beat out to PowerShell for OpenSSH, make changes to the registry using the following PowerShell command:
New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Proper name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String –Force
Restart your SSH connexion and make sure that PowerShell is now used as a default SSH shell (this is shown by PS C:\Users\admin>).
The PowerShell panel has been started in your SSH session, and familiar features piece of work in information technology: tab autocompletion, PSReadLine color highlighting, command history, etc. If the current user is a fellow member of the local administrators group, all session commands are executed elevated even if UAC is enabled.
Source: http://woshub.com/connect-to-windows-via-ssh/
Posted by: wilsonthictly.blogspot.com
0 Response to "How To Enable Ssh On Windows Server 2016"
Post a Comment