Menu

Virtual Geek

Tales from real IT system administrators world and non-production environment

OpenSSH Server configuration for Windows

I had a requirement to test configuring OpenSSH server on Microsoft Windows and connect it through OpenSSH client. Using given below steps in this article we can setup OpenSSH server on Windows server and connect through Linux SSH client.

First go to Settings >> Apps & features >> Optional features >> Add a feature >> Search openssh >> Select checkbox on OpenSSH Server >> and Click Install button.

Microsoft windows configure openssh server client winrm optional features apps and features settings ansible over ssh automation alternative rdp open port 22 3389 5986 5985.png

Part 1: OpenSSH Server configuration for Windows
Part 2: Key based passwordless authentication to Microsoft Windows OpenSSH Server
Part 3: Configuring Ansible to Manage Windows Servers via OpenSSH

Additionally if you want to automate the above GUI instructions and need to automate OpenSSH server configuration using commands you can use below PowerShell cmdlets. Which will Install OpenSSH.Server capability, Next start sshd service and set startup type to Automatic. In the last open inbound TCP port 22 in the windows defender firewall.

Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

##Alternatively use this command to install:
dism /Online /Add-Capability /CapabilityName:OpenSSH.Server~~~~0.0.1.0

#############################################################################

Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'

if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue | Select-Object Name, Enabled)) {
    Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
    New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
} else {
    Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
}

Here is the screenshot after installation and configuring all the settings through PowerShell commands.

microsoft windows get-windowscapability add-windowscapability openssh.server online start-service set-service sshd startuptype get-netfirewallrule microsoft windows openssh port 22 write-output configuration.png

Below is the configuration of OpenSSH Server service status and OpenSSH Inbound rule created in Windows Defender Firewall.

Microsoft Windows SERvices openssh ssh server automtic stop start running sshd.exe port 22 3389 ansible windows windows defender firewall with advanced security inbound rule outbound.png

Since I am planning to implement this on Microsoft Azure I will open SSH 22 port in nsg (network security group) which is attached to Azure Virtual Machine, so there is no obstruction.

Microsoft azure demo nsg network security group ssh tcp port inbound outbound windows 22 port openssh server configuration source destination service port ranges configuration ansible devops.png

Here is the PowerShell script you can use to create inbound rule in Azure NSG

# Get the NSG
$nsg = Get-AzNetworkSecurityGroup -Name "your-nsg-name" -ResourceGroupName "your-resource-group"

# Define rule parameters
$ruleName = "AllowSSH"
$description = "Allow inbound SSH traffic"
$priority = 300
$protocol = "Tcp"
$sourceAddressPrefix = "*"
$sourcePortRange = "*"
$destinationAddressPrefix = "*"
$destinationPortRange = 22
$access = "Allow"

# Create rule config
$ruleConfig = New-AzNetworkSecurityRuleConfig `
  -Name $ruleName `
  -Description $description `
  -Access $access `
  -Protocol $protocol `
  -Direction "Inbound" `
  -Priority $priority `
  -SourceAddressPrefix $sourceAddressPrefix `
  -SourcePortRange $sourcePortRange `
  -DestinationAddressPrefix $destinationAddressPrefix `
  -DestinationPortRange $destinationPortRange

# Add rule to the NSG object
$nsg.SecurityRules.Add($ruleConfig)

# Apply the changes
Set-AzNetworkSecurityGroup -NetworkSecurityGroup $nsg

Once Windows server is fully configured with OpenSSH server, Next step is to check the connection from Linux system. Try connect using SSH it should be successful.

ssh administrator@win-openssh

Microsoft windows openssh server configuration for powershell connection linux openssh ssh connection ansible known hosts list fingerprint configuration linux to windows connect ssh powershell.png

Useful Articles
Executing PowerShell script from PHP HTML web server
Send system disk space utilization HTML report Email using PowerShell
Send Email using PowerShell with .net object System.Net.Mail.MailMessage
PowerShell XML OperationStopped: No coercion operator is defined between types 'System.Object&' and 'System.Object'
Powershell Create new file if not exist, if exist Rename file
PowerShell Create XML document with XmlWriter .net object
PowerShell save export data to XML file
Bulk change multiple file names with OneLiner PowerShell command
Resolved PowerShell Visual studio code stuck with 'Starting up PowerShell' in status bar
Building basic simple Web Server using PowerShell
Running Your First PowerShell Scripts With Jenkins and Git
Git clone or push Missing or invalid credentials fatal authentication failed
PowerShell How to find file and folders in Azure Storage Account Blobs and Containers
PowerShell GUI get patch updates information with disk space and uptime

Go Back

 Posted in Powershell
  Tags windows openssh ssh microsoft powershell winrm ansible

Comment

Blog Search

Page Views

12716021

Archive

Comments

Follow me on Blogarama