Setting Up SSH on Windows Server

By /

LokerSSH.com –  SSH (Secure Shell) is a widely used protocol for securely accessing and managing remote servers over a network. Although SSH is typically associated with Linux-based systems, Windows Server can also be configured to support SSH connections, allowing you to securely manage your Windows servers remotely.

In this guide, we will walk you through the steps to set up SSH on Windows Server, enabling secure and efficient remote management. By following these steps, you can ensure that your Windows Server is ready for remote access via SSH, providing both security and convenience.

Why Use SSH on Windows Server?

1. Enhanced Security

SSH provides encrypted communication between your local machine and the remote server. Unlike older protocols like Telnet or RDP, SSH encrypts data, protecting sensitive information from being intercepted during transmission. Setting up SSH on your Windows Server ensures that your communications with the server are secure and less susceptible to eavesdropping.

2. Remote Management

Using SSH on Windows Server allows system administrators to remotely manage and configure the server. This means you can perform tasks like software updates, system configurations, and troubleshooting without needing physical access to the machine. It’s a more efficient way to handle multiple servers, especially in environments with many remote systems.

3. Linux-like Experience

For those accustomed to working with Linux or macOS, SSH on Windows Server offers a familiar environment. It allows administrators to use command-line tools and scripts, offering a streamlined way of managing the server remotely using SSH clients like PuTTY or OpenSSH.

Pre-requisites for Setting Up SSH on Windows Server

Before setting up SSH, ensure your system meets the following requirements:

  1. Windows Server Version: SSH is available on Windows Server 2019 and later versions. If you’re using Windows Server 2016 or earlier, you might need to upgrade to use native SSH support.
  2. Administrator Access: You must have administrator privileges on the Windows Server to install and configure SSH.
  3. Windows Features: Ensure that Windows Features like the OpenSSH Server component are available for installation.

Steps to Set Up SSH on Windows Server

Step 1: Install OpenSSH Server on Windows Server

Windows Server 2019 and later versions come with the OpenSSH server feature, which allows you to enable SSH functionality. Here’s how to install it:

1.1 Open PowerShell as Administrator

  • Click on the Start Menu, search for PowerShell, right-click on it, and choose Run as Administrator.

1.2 Install OpenSSH Server Feature

  • To install the OpenSSH Server feature, run the following command in PowerShell: 
    Add-WindowsFeature -Name OpenSSH-Server

    Or, for more recent versions (like Windows Server 2019 and later), you can use the Windows Settings app:

    1. Go to Settings > Apps > Optional Features.
    2. Scroll down and click on Add a feature.
    3. Find OpenSSH Server in the list, select it, and click Install.

1.3 Confirm Installation

To confirm that the OpenSSH Server has been installed, you can run:

Get-WindowsFeature -Name OpenSSH-Server

Step 2: Start and Configure SSH Server

2.1 Start the SSH Server

Once OpenSSH is installed, you need to start the SSH server service. You can do this using PowerShell by running the following command:

Start-Service sshd

2.2 Enable SSH Server to Start Automatically

To ensure that the SSH server starts automatically every time your server boots up, run the following command:

Set-Service -Name sshd -StartupType 'Automatic'

2.3 Configure Windows Firewall

Windows Firewall may block incoming SSH connections by default. To allow SSH traffic through the firewall, use this command:

New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Protocol TCP -Action Allow -LocalPort 22

This command opens port 22 (the default SSH port) for incoming connections.

Step 3: Test the SSH Connection

3.1 Check SSH Service Status

Verify that the SSH server is running by checking its status:

Get-Service sshd

If the service is running, it will display a Running status.

3.2 Connect via SSH

To test the SSH connection, use an SSH client such as PuTTY (for Windows users) or the built-in SSH client in Linux/macOS. From another computer, use the following command to test the connection:

ssh username@server-ip

Replace username with the server’s username and server-ip with the IP address of your Windows Server.

If everything is set up correctly, you should be prompted to enter your password for the server, and then gain remote access via SSH.

Step 4: Optional Configuration (SSH Key Authentication)

For enhanced security and convenience, you can configure SSH key-based authentication instead of using passwords. Here’s how to set it up:

4.1 Generate SSH Key Pair

On your local machine (the one you’re using to connect to the Windows Server), generate an SSH key pair. On Linux/macOS, use:

ssh-keygen

On Windows, you can use an SSH client like PuTTYgen to generate the key pair.

4.2 Copy Public Key to Windows Server

Once you have generated your SSH key pair, copy the public key to the Windows Server.

  • The public key should be placed in the following file on your Windows Server: 
    C:\Users\<your-username>\.ssh\authorized_keys

    If the .ssh folder doesn’t exist, create it manually.

4.3 Configure SSH for Key Authentication

Edit the SSH configuration file (sshd_config) to enable key authentication. The file is located at:

C:\ProgramData\ssh\sshd_config

Ensure that the following lines are not commented out:

PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys

4.4 Restart SSH Service

After configuring the SSH key authentication, restart the SSH service:

Restart-Service sshd

Step 5: Access Server Using SSH Keys

Now you can connect to the Windows Server using your private key:

ssh -i /path/to/private_key username@server-ip

Troubleshooting Tips

  • SSH Service Not Running: Ensure that the SSH service is running using Get-Service sshd. If it’s stopped, start it using Start-Service sshd.
  • Firewall Issues: Make sure that port 22 is open in the Windows Firewall and any external firewalls.
  • Permission Errors: Ensure that the .ssh folder and authorized_keys file have the correct permissions.

Conclusion

Setting up SSH on Windows Server enables secure, remote access to your server, allowing for more efficient management and better security practices. By following these steps, you can install and configure OpenSSH on your Windows Server, set up key-based authentication, and securely manage your server remotely.

Whether you’re managing a single server or a large infrastructure, SSH is an essential tool for any Windows Server administrator, making remote management simple and secure.

Scroll to Top