Differences
This shows you the differences between the selected revisions of the page.
| 2018-05-19 | 2018-06-13 | ||
| Restored revision 1521490334. Undoing revision 1526693203. (martin) (hidden) | Windows 10 version 1803 has openssh built in (as optional feature) + new service name + matching firewall rule name (martin) | ||
| Line 4: | Line 4: | ||
| ===== Installing SFTP/SSH Server ===== | ===== Installing SFTP/SSH Server ===== | ||
| + | |||
| + | ==== On Windows 10 version 1803 and newer ==== | ||
| + | |||
| + | * In //Settings// app, go to //Apps > Apps & features > Manage optional features//. | ||
| + | * Locate //"OpenSSH server"// feature, expand it, and select //Install//. | ||
| + | |||
| + | Binaries are installed to ''%WINDIR%\System32\OpenSSH''. Configuration file (''sshd_config'') and host keys are installed to ''%ProgramData%\ssh'' (only after the server is started for the first time). | ||
| + | |||
| + | You may still want to use the following manual installation, if you want to install a newer version of OpenSSH than the one built into Windows 10. | ||
| + | |||
| + | ==== On earlier versions of Windows ==== | ||
| * Download the latest [[https://github.com/PowerShell/Win32-OpenSSH/releases|OpenSSH for Windows binaries]] (package ''OpenSSH-Win64.zip'' or ''OpenSSH-Win32.zip'') &win32 &win64 | * Download the latest [[https://github.com/PowerShell/Win32-OpenSSH/releases|OpenSSH for Windows binaries]] (package ''OpenSSH-Win64.zip'' or ''OpenSSH-Win32.zip'') &win32 &win64 | ||
| * As the Administrator, extract the package to ''C:\Program Files\OpenSSH'' | * As the Administrator, extract the package to ''C:\Program Files\OpenSSH'' | ||
| * As the Administrator, install //sshd// and //ssh-agent// services: \\ ''powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps1'' | * As the Administrator, install //sshd// and //ssh-agent// services: \\ ''powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps1'' | ||
| + | |||
| + | ===== Configuring SSH server ===== | ||
| + | |||
| * Allow incoming connections to %%SSH%% server in Windows Firewall: | * Allow incoming connections to %%SSH%% server in Windows Firewall: | ||
| - | * Either run the following PowerShell command (Windows 8 and 2012 or newer only), &win8 &win2012 as the Administrator: \\ ''%%New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22%%'' | + | * Either run the following PowerShell command (Windows 8 and 2012 or newer only), &win8 &win2012 as the Administrator: \\ ''%%New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH SSH Server' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22%%'' |
| * or go to //Control Panel > System and Security > Windows Firewall//((//Windows Defender Firewall// on Windows 10.))// > Advanced Settings > Inbound Rules// and add a new rule for port 22. &wincp | * or go to //Control Panel > System and Security > Windows Firewall//((//Windows Defender Firewall// on Windows 10.))// > Advanced Settings > Inbound Rules// and add a new rule for port 22. &wincp | ||
| * Start the service and/or configure automatic start: | * Start the service and/or configure automatic start: | ||
| - | * Go to //Control Panel > System and Security > Administrative Tools// and open //Services//. Locate //sshd// service. &wincp | + | * Go to //Control Panel > System and Security > Administrative Tools// and open //Services//. Locate //%%OpenSSH SSH Server%%// service. &wincp |
| * If you want the server to start automatically when your machine is started: Go to //Action > Properties//. In the Properties dialog, change //Startup type// to //Automatic// and confirm. | * If you want the server to start automatically when your machine is started: Go to //Action > Properties//. In the Properties dialog, change //Startup type// to //Automatic// and confirm. | ||
| - | * Start the //sshd// service by clicking the //Start the service//. | + | * Start the //%%OpenSSH SSH Server%%// service by clicking the //Start the service//. |
| //These instructions are partially based on [[https://github.com/PowerShell/Win32-OpenSSH/wiki/Install-Win32-OpenSSH|the official deployment instructions]].// | //These instructions are partially based on [[https://github.com/PowerShell/Win32-OpenSSH/wiki/Install-Win32-OpenSSH|the official deployment instructions]].// | ||
| Line 27: | Line 41: | ||
| ===== [[connecting]] Connecting to the server ===== | ===== [[connecting]] Connecting to the server ===== | ||
| - | Before the first connection, find out fingerprint of the server's ED25519 key by running ''%%.\ssh-keygen.exe -l -f "%ProgramData%\ssh\ssh_host_ed25519_key" -E md5%%'' from the ''C:\Program Files\OpenSSH'', as the Administrator (with PowerShell, use ''$env:ProgramData'' instead of ''%ProgramData%''): &winpath | + | Before the first connection, find out fingerprint of the server's ED25519 key by running ''%%.\ssh-keygen.exe -l -f "%ProgramData%\ssh\ssh_host_ed25519_key" -E md5%%'' from the OpenSSH installation folder (''%WINDIR%\System32\OpenSSH'' or ''C:\Program Files\OpenSSH''), as the Administrator (with PowerShell, use ''$env:ProgramData'' instead of ''%ProgramData%''): &winpath |
| <code> | <code> | ||
| - | C:\Program Files\OpenSSH>.\ssh-keygen.exe -l -f "%ProgramData%\ssh\ssh_host_ed25519_key" -E md5 | + | C:\Windows\System32\OpenSSH>.\ssh-keygen.exe -l -f "%ProgramData%\ssh\ssh_host_ed25519_key" -E md5 |
| 256 MD5:0d:df:0a:db:b4:e9:f1:08:d5:59:2b:91:8e:08:1c:78 martin@example (ED25519) | 256 MD5:0d:df:0a:db:b4:e9:f1:08:d5:59:2b:91:8e:08:1c:78 martin@example (ED25519) | ||
| </code> | </code> | ||