Differences
This shows you the differences between the selected revisions of the page.
| guide_windows_openssh_server 2025-01-24 | guide_windows_openssh_server 2025-01-30 (current) | ||
| Line 8: | Line 8: | ||
| * On Windows 11: &win11 | * On Windows 11: &win11 | ||
| - | * Go to //Settings > Apps > Optional features// and click on //View features//. | + | * Go to //Settings > System > Optional features// and click on //View features//. |
| - | * Locate //"OpenSSH server"// feature, select it, click //Next//, and then click //Install//. | + | * Locate //"OpenSSH server"// feature, select it, click //Next//, and then click //Add//. |
| * On Windows 10 (version 1803 and newer): &win10 | * On Windows 10 (version 1803 and newer): &win10 | ||
| * Go to //Settings > Apps > Apps & features > Optional features// and click on //Add a feature//. | * Go to //Settings > Apps > Apps & features > Optional features// and click on //Add a feature//. | ||
| Line 31: | Line 31: | ||
| * or go to //Windows Security > Firewall & network protection//((//Control Panel > Windows Defender Firewall// (or //Windows Firewall//) on older versions of Windows.))// > Advanced Settings > Inbound Rules// and add a new rule for port 22. &wincp | * or go to //Windows Security > Firewall & network protection//((//Control Panel > Windows Defender Firewall// (or //Windows Firewall//) on older versions of Windows.))// > Advanced Settings > Inbound Rules// and add a new rule for port 22. &wincp | ||
| * Start the service and/or configure automatic start: | * Start the service and/or configure automatic start: | ||
| - | * Go to //Control Panel > System and Security > Administrative Tools// and open //Services//. Locate //%%OpenSSH SSH Server%%// service. &wincp | + | * Go to //Control Panel > System and Security > Windows Tools// (//Administrative Tools// on Windows 10 and older) and open //Services//. Locate //%%OpenSSH SSH Server%%// service. &wincp &win10 |
| * If you want the server to start automatically when your machine is started: Go to //Action > Properties// (or just double-click the service). In the Properties dialog, change //Startup type// to //Automatic// and confirm. | * If you want the server to start automatically when your machine is started: Go to //Action > Properties// (or just double-click the service). In the Properties dialog, change //Startup type// to //Automatic// and confirm. | ||
| * Start the //%%OpenSSH SSH Server%%// service by clicking the //Start the service// link or //Action > Start// in the menu. | * Start the //%%OpenSSH SSH Server%%// service by clicking the //Start the service// link or //Action > Start// in the menu. | ||
| Line 41: | Line 41: | ||
| Follow a generic guide for [[guide_public_key|Setting up SSH public key authentication]] in *nix OpenSSH server, with the following difference: | Follow a generic guide for [[guide_public_key|Setting up SSH public key authentication]] in *nix OpenSSH server, with the following difference: | ||
| - | * Cr the ''.ssh'' folder (for the ''authorized_keys'' file) in your Windows account profile folder (typically in ''C:\Users\username\.ssh'').((Windows File Explorer does not allow you to create a folder starting with a dot directly. As a workaround, use ''.ssh.'', the trailing dot will allow you to bypass the restriction, but will not be included in the name.)) &winpath | + | * Create the ''.ssh'' folder (for the ''authorized_keys'' file) in your Windows account profile folder (typically in ''C:\Users\username\.ssh'').((Windows File Explorer does not allow you to create a folder starting with a dot directly. As a workaround, use ''.ssh.'', the trailing dot will allow you to bypass the restriction, but will not be included in the name.)) &winpath |
| * For permissions to the ''.ssh'' folder and the ''authorized_keys'' file, what matters are Windows ACL permissions, not simple *nix permissions. Set the %%ACL%% so that the respective Windows account is the owner of the folder and the file and is the only account that has a write access to them. The account that runs //OpenSSH %%SSH%% Server// service (typically ''SYSTEM'' or ''sshd'') needs to have read access to the file. | * For permissions to the ''.ssh'' folder and the ''authorized_keys'' file, what matters are Windows ACL permissions, not simple *nix permissions. Set the %%ACL%% so that the respective Windows account is the owner of the folder and the file and is the only account that has a write access to them. The account that runs //OpenSSH %%SSH%% Server// service (typically ''SYSTEM'' or ''sshd'') needs to have read access to the file. | ||
| * Though, with the default Win32-OpenSSH configuration there is an exception set in ''sshd_config'' for accounts in ''Administrators'' group. For these, the server uses a different location for the authorized keys file: ''%ALLUSERSPROFILE%\ssh\administrators_authorized_keys'' (i.e. typically ''C:\ProgramData\ssh\administrators_authorized_keys''). &winpath | * Though, with the default Win32-OpenSSH configuration there is an exception set in ''sshd_config'' for accounts in ''Administrators'' group. For these, the server uses a different location for the authorized keys file: ''%ALLUSERSPROFILE%\ssh\administrators_authorized_keys'' (i.e. typically ''C:\ProgramData\ssh\administrators_authorized_keys''). &winpath | ||