How To Install OpenSSH Server On Windows 11 [Tutorial]

by

How To Install OpenSSH Server On Windows 11 [Tutorial]

OpenSSH (Open Secure Shell) is a powerful tool used for remote administration and secure file transfers. Although it is commonly associated with Linux, Microsoft has been integrating OpenSSH functionality into Windows. The availability of OpenSSH Server on Windows 11 allows for easier management of remote connections and secure communication over untrusted networks. In this detailed tutorial, we will walk through the process of installing the OpenSSH Server on Windows 11, highlighting every step along the way.

Prerequisites

Before we begin the installation, ensure you meet the following prerequisites:

  1. Windows 11 Operating System: Make sure you are running a valid version of Windows 11.
  2. Administrator Privileges: You will need administrative rights to install and configure the OpenSSH Server.
  3. Internet Connection: Although the components are built into Windows, ensure you have an internet connection in case any additional updates are necessary.

Step 1: Checking for OpenSSH in Windows Features

Windows 11 natively supports OpenSSH, and the first step is to check if it is already installed on your system. Here’s how:

  1. Open Settings:

    • Click on the Start button or press the Windows key on your keyboard.
    • Select Settings or press Windows + I.

  2. Navigate to Optional Features:

    • In the Settings window, click on Apps.
    • Then, select Optional Features.

  3. View Installed Features:

    • Scroll through the list under the Installed features section.
    • Look for OpenSSH Server. If it appears in the list, you can skip to Step 4. If it is not listed, proceed to Step 2.

Step 2: Installing OpenSSH Server

If you discovered that OpenSSH Server is not installed, follow these steps to install it:

  1. Add a Feature:

    • In the Optional Features page, click on the Add a feature button at the top of the list.

  2. Search for OpenSSH Server:

    • In the search box that appears, type OpenSSH Server.

  3. Install the Feature:

    • Select OpenSSH Server from the search results.
    • Click the Install button. The installation will proceed, and you can monitor its progress.

  4. Completion:

    • After the installation is complete, you will see the OpenSSH Server appear in your installed features list.

Step 3: Starting the OpenSSH Server

Now that you have OpenSSH Server installed, the next step is to start the service so that you can begin using it. Follow these steps:

  1. Open Windows Services:

    • Press Windows + R to open the Run dialog.
    • Type services.msc and press Enter. This will open the Services management console.

  2. Locate OpenSSH Server:

    • In the Services window, scroll down the list until you find OpenSSH SSH Server.

  3. Start the Service:

    • Right-click on OpenSSH SSH Server and select Start. This will start the SSH server.

  4. Set to Automatic:

    • To ensure that the OpenSSH Server starts automatically with Windows, right-click on it again and select Properties.
    • In the Startup type dropdown, select Automatic, and then click OK.

Step 4: Configuring OpenSSH Server

After starting the OpenSSH server, it is crucial to configure it for secure operations.

  1. Locate the Configuration File:

    • The default configuration file for OpenSSH on Windows is found at: 
      C:ProgramDatasshsshd_config
    • You can edit this file using any text editor such as Notepad. Make sure to run the editor as an administrator.

  2. Edit Configuration File:

    • Open PowerShell or Command Prompt as Administrator.
    • Type notepad C:ProgramDatasshsshd_config and hit Enter.
    • Here are a few important parameters you might want to configure:
      • PermitRootLogin: Set to "no" to prevent root login.
      • PasswordAuthentication: You may want to disable this by setting it to "no" to only allow public key authentication.
      • Port: Optionally, you can change the default port (22) to something else for added security.

  3. Save Changes:

    • Once you’ve made the necessary changes, save the file and close Notepad.

Step 5: Allowing OpenSSH Server Through Windows Firewall

After installing and configuring the OpenSSH server, you will need to ensure that it is allowed through the Windows Firewall:

  1. Open Windows Security:

    • Click on the Start button and select Settings.
    • Choose Privacy & security, then select Windows Security.
    • Click on Firewall & network protection.

  2. Allow an App Through Firewall:

    • Select the option that says Allow an app through firewall.
    • Click on the Change settings button.

  3. Add OpenSSH Server:

    • Click on Allow another app…
    • In the dialog box that opens, click Browse.
    • Navigate to the OpenSSH installation directory typically found at: 
      C:WindowsSystem32 OpenSSHsshd.exe
    • Select sshd.exe and click Open.
    • Once added, ensure both the Private and Public checkboxes are selected.

  4. Save Changes:

    • Click OK to close the dialog.

Step 6: Connecting to Your OpenSSH Server

With the OpenSSH Server up and running, you can now connect to it using an SSH client. If you want to connect from another Windows device, you can use Windows Terminal or Powershell. Here’s how to connect:

  1. Open SSH Client:

    • Open PowerShell or Command Prompt on a different machine.

  2. Run SSH Command:

    • Enter the following command to connect: 
      ssh yourusername@hostname

      Replace yourusername with your actual username and hostname with the IP address or hostname of the Windows 11 machine.

  3. Accept SSH Key:

    • If connecting for the first time, you will be prompted to accept the server’s SSH key. Type "yes" to continue.

  4. Enter Password:

    • After accepting the key, you will be prompted to enter your user password for the Windows account.

Step 7: Testing Your SSH Connection

To ensure that your OpenSSH Server is working correctly, it’s important to test the connection:

  1. Log into Your Server:

    • Once connected, you should be able to execute commands on the Windows 11 machine.

  2. Verify Configuration:

    • You can verify the configuration of the SSH server using various commands. For example, you can use: 
      ls

      This command will list the contents of the current directory.

  3. Test File Upload/Download:

    • You can use the scp command (Secure Copy Protocol) to test file transfers. For instance, to upload a file from your local machine to the server: 
      scp path-to-local-file yourusername@hostname:/path-to-remote-directory

  4. Exit the SSH Session:

    • To log out from the SSH session, simply type: 
      exit

Step 8: Troubleshooting Common Issues

If you encounter any issues during the installation or connection phase, consider these troubleshooting tips:

  1. Service Not Starting:

    • Ensure that you have administrative privileges. Check the Event Viewer for any error messages related to OpenSSH.

  2. Connection Refused:

    • Verify that the OpenSSH service is running. Ensure it is allowed through the Windows Firewall.

  3. Firewall Settings:

    • If you cannot connect, check both the inbound and outbound rules in the Windows Firewall to ensure SSH is allowed.

  4. Configuration Errors:

    • If the SSH service fails to start, review the sshd_config file for any syntax or configuration errors.

  5. Reboot:

    • Sometimes a simple reboot of the Windows machine can resolve lingering issues or apply new configurations.

Step 9: Security Best Practices

To ensure the security of your OpenSSH Server setup, consider implementing the following best practices:

  1. Use Key-Based Authentication:

    • Instead of password-based login, use key-based authentication. Generate an SSH key pair and copy the public key to the C:Users\.sshauthorized_keys file on the server.

  2. Disable Root Login:

    • As previously mentioned, ensure PermitRootLogin no is set in the sshd_config.

  3. Change the Default SSH Port:

    • Changing the listening port from the default (22) to a non-standard port can reduce the chances of automated attacks.

  4. Use a Strong Password:

    • If using password authentication, ensure your password is complex and difficult to guess.

  5. Regular Updates:

    • Keep your Windows operating system updated to protect against vulnerabilities.

  6. Monitor Logs:

    • Regularly check SSH logs located at: 
      C:ProgramDatasshlogssshd.log

      Review logs for any unauthorized access attempts.

Conclusion

In this tutorial, we walked through the steps necessary to successfully install and configure an OpenSSH Server on Windows 11. We covered everything from the initial installation process to securing your SSH server and troubleshooting common issues. OpenSSH not only streamlines administrative tasks but also enhances security when properly configured. By following the instructions outlined, you can ensure that your remote connectivity solution is both efficient and secure.

The power of OpenSSH on Windows means you can take full advantage of secure remote access, paving the way for greater flexibility in managing servers and transferring files. Whether you’re a system administrator, developer, or just a tech enthusiast, mastering OpenSSH will certainly enhance your capabilities in managing systems.

Leave a Comment