OpenSSH Server on Windows Server

Written by June 13, 2018 3:56 pm Microsoft, Microsoft Azure, PowerShell, Windows, Windows Server • 7 Comments

Install OpenSSH Server on Windows Server

HomeMicrosoft, Microsoft Azure, PowerShell, Windows, Windows ServerInstall OpenSSH Server on Windows Server
Tweet
Share
Share
WhatsApp
Pin
Share
Reddit
Pocket
Vote
Flip
Buffer
Email

Back in 2017 Microsoft made OpenSSH available on Windows 10. Shortly after OpenSSH was also available for Windows Server, version 1709. This blog post should give you a simple step by step guy how you install OpenSSH Server on Windows Server. OpenSSH is available for Windows Server, version 1709 and higher. If you are running Windows Server 2016, and you want to stay in the long-term servicing branch, you will need to wait for the next Windows Server LTSC build.

Install OpenSSH Server on Windows Server

If you are running a Windows Server 1709 or higher, you can simply use PowerShell to install the OpenSSH Client and Server.

OpenSSH on Windows Server

You can use the following PowerShell commands to install the OpenSSH Server on the server.

Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'

# Install the OpenSSH Server
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

After the installation you can find the OpenSSH Server files and some more configuration options under “C:\Windows\System32\OpenSSH”

Next you need to configure the OpenSSH Server (sshd)

Install start and configure OpenSSH on Windows Server SSH
Install start and configure OpenSSH on Windows Server SSH

To start and configure the OpenSSH Server, just run the following PowerShell commands:

# Start the sshd service
Start-Service sshd

# OPTIONAL but recommended:
Set-Service -Name sshd -StartupType 'Automatic'

# Confirm the Firewall rule is configured. It should be created automatically by setup. Run the following to verify
if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue | Select-Object Name, Enabled)) {
Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
} else {
Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
}

Now you should be able to access your Windows Server using an SSH client.

OpenSSH Server on Windows Server
SSH to Windows Server

Remember if you run your server in Microsoft Azure, you might also need to configure the Network Security Group to allow SSH Remoting on port 22.

I hope this post help you and if you have any questions, please let me know in the comments.

Tags: , , , , , , , , , , , , , , , Last modified: November 24, 2021

About the Author /

Thomas works as a Senior Cloud Advocate at Microsoft. He engages with the community and customers around the world to share his knowledge and collect feedback to improve the Azure cloud platform. Prior joining the Azure engineering team, Thomas was a Lead Architect and Microsoft MVP, to help architect, implement and promote Microsoft cloud technology.   If you want to know more about Thomas, check out his blog: www.thomasmaurer.ch and Twitter: www.twitter.com/thomasmaurer

Experts Live Netherlands 2018 Thomas Maurer Previous Story
Speaking at Experts Live Netherlands 2018 in Ede
Thomas Maurer Azure Stack Webinar Next Story
Azure Stack Webinar by Microsoft MVP Thomas Maurer

Related Posts

Results and recommendations of the Azure Landing Zone Review Assessment

Azure Landing Zone Review Assessment

September 7, 2023 Microsoft Azure

If you are planning to adopt Azure as your cloud platform, you might be wondering how to prepare your environment for hosting your...
Read More
Top 20 Microsoft Azure Blogs

Listed in the Feedspot 100 Best Microsoft Azure Blogs and Websites 2023

August 24, 2023 Microsoft Azure, Thomas Maurer • 2 Comments

I am thrilled to share some exciting news with you all: my blog has been ranked as the second best Microsoft Azure blog in the Feedspot 100...
Read More
Strategic Migration Assessment Readiness Tool SMART Results and recommendations and actions

Microsoft Azure Strategic Migration Assessment & Readiness Tool 

August 4, 2023 Microsoft Azure

If you are looking for a way to migrate your workloads to Microsoft Azure, you might want to check out the Azure Strategic Migration...
Read More
Happy Birthday Windows Server

Happy 30th Birthday Windows Server! 🥳🎂🍾🎈

July 28, 2023 Microsoft, Windows Server • 2 Comments

Windows Server just celebrates the 30th birthday! 🥳🎂🍾🎈  Can you believe it? It’s been 30 years since Windows Server...
Read More

7 Replies to “Install OpenSSH Server on Windows Server”

  1. David Mark says:
    November 27, 2018 at 6:34 am

    You failed to mention that Windows Server, version 1709 and higher not available yet and not stable. I have wasted several hours believing your blog. Total useless.

    Reply
    • Thomas Maurer says:
      November 27, 2018 at 4:30 pm

      Sad your experience was not good.
      Windows Server, version 1709 is available since September last year! (2017) We now even have version 1803 and 1809 as well as the LTSC version Windows Server 2019, available!

      Reply
  2. ASW says:
    December 17, 2018 at 2:42 pm

    Is there any easy way to set PowerShell as default SSH shell instead of cmd? Thanks!

    Reply
  3. Wayne Lam says:
    January 3, 2019 at 3:16 am

    I got this error when starting the service:
    PS C:\windows\system32\OpenSSH> Start-Service ssh-agent
    Start-Service : Service ‘OpenSSH Authentication Agent (ssh-agent)’ cannot be started due to the following error: Cannot start
    service ssh-agent on computer ‘.’.
    At line:1 char:1
    + Start-Service ssh-agent
    + ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : OpenError: (System.ServiceProcess.ServiceController:ServiceController) [Start-Service], ServiceCommand
    Exception
    + FullyQualifiedErrorId : CouldNotStartService,Microsoft.PowerShell.Commands.StartServiceCommand

    Reply
  4. mydeardiary says:
    January 3, 2019 at 11:55 pm

    You need to copy \sources\sxs directory into \Windows directory before adding OpenSSH.Server~~~~0.1.0.0 feature

    robocopy E:\sources\sxs C:\Windows\sxs

    After that, you may add openssh.server capability into existing installation.

    Reply
  5. Daniel Pesta says:
    April 29, 2019 at 5:04 pm

    Thanks for putting these instructions together Thomas, I found them very helpful. I needed a couple of extra steps to make everything work:

    Before I could run the Start-Service ssh-agent command, I first needed to start the service in Windows (https://stackoverflow.com/questions/52113738/starting-ssh-agent-on-windows-10-fails-unable-to-start-ssh-agent-service-erro)

    Get-Service -Name ssh-agent | Set-Service =StartupType Manual

    Generating the keys (.\ssh-keygen -A) resulted in a ‘no such file or directory\ error until I created an ssh directory off of C:\programData.

    Reply
  6. David Scott says:
    July 19, 2019 at 4:41 pm

    I just tried the latest build of Win32 OpenSSH (v8.0.0.0p1) on an up-to-date Windows 2016 LTSC (1607) and it is working, so I guess whatever limitation preventing earlier releases of the program have now been fixed.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Close