Tag: SSH

Jan082019January 8, 2019September 22, 201925Commentsby Thomas Maurer
Mastering Azure with Cloud Shell

Mastering Azure with Cloud Shell

Posted in Cloud, Microsoft, Microsoft Azure, PowerShell, Visual Studio, Visual Studio Code, Windows Terminal, Work

There are multiple ways to interact and manage resources in Microsoft Azure. You can use the Azure Portal or command line tools like the Azure PowerShell module or the Azure CLI, which you can install on your local machine. However, to set up a cloud management workstation for administrators and developers can be quite a lot of work. Especially if you have multiple computers, keeping consistency between these machines can be challenging. Another challenge is keeping the environment secure and all the tools up to date. The Azure Cloud Shell addresses this any many more things.

Cloud Shell is not brand new, Microsoft announced Cloud Shell at Build 2017. This blog post is about how you can master Azure with Cloud Shell and give you an overview of the possibilities of Cloud Shell.

 

What is Cloud Shell

Cloud Shell Azure Portal

Cloud Shell offers a browser-accessible, pre-configured shell experience for managing Azure resources without the overhead of installing, versioning, and maintaining a machine yourself. Azure Cloud Shell is assigned per unique user account and automatically authenticated with each session. This makes it a private and secure environment.

You get a modern web-based command line experience which can be accessed from several endpoints like the Azure Portal, shell.azure.com and the Azure mobile app, Visual Studio Code or directly in the Azure docs.

In the backend, Azure uses containers and automatically attaches an Azure File Share to the container. You can store the data on it, so your data is persistent. This persists your data across different Cloud Shell sessions.

Cloud Shell Bash and PowerShell

You can choose your preferred shell experience. Cloud Shell supports Bash and PowerShell and included your favorite third-party tools and standard tools and languages. If something like a module is missing, you can add it.

Read More

Jul042018July 4, 2018June 10, 20192Commentsby Thomas Maurer
Inked Azure Security Center Just in time VM access_LI

Azure – Just in Time VM access

Posted in Cloud, Microsoft, Microsoft Azure, PowerShell, Virtualization, Windows Server, Work

If you run virtual machines with a public IP address connected to the internet, attackers immediately try to run attacks against it. Brute force attacks commonly target management ports, like RDP or SSH, to gain access to a VM. If the attacker is successful, he can take control over the VM and access other resources in the environment. To address that issue it is highly recommended to reduce the ports open, especially for the management ports. However, sometimes you will need to open to ports for some of the virtual machines for management tasks. Microsoft Azure has a simple way to address this issue, called Azure JIT virtual machine (VM) access. Just in time VM access can be used to lock down inbound traffic to your Azure VMs, reducing exposure to attacks while providing easy access to connect to VMs when needed.

To find more about Just-in-time virtual machine access in Azure Security, check out the Microsoft Docs.

How does Azure Just in Time VM Access work

In the Azure Security Center, you can enable just in time VM access; this will create a Network Security Rule (NSG) to lock down inbound traffic to the Azure VM. During the initial JIT VM access configuration, you will be configuring the ports specified, which will be managed by Azure Security Center, these ports will be locked down by the Azure Security Center using an NSGs.

Configure Azure JIT VM access

Inked Configure Just in time VM access_LI

Azure JIT VM access is configured in the Azure Security Center. To configure and enable JIT on a virtual machine open up the Azure Security Center and click on Just in time VM access.

Here you will find three states, Configured, Recommended and No recommendation.

  • Configured – VMs that have been set to support just in time VM access. The data presented is for the last week and includes for each VM the number of approved requests, last access date and time, and last user.
  • Recommended – VMs that can support just in time VM access but have not been configured to. We recommend that you enable just in time VM access control for these VMs. See Configuring a just in time access policy.
  • No recommendation – Reasons that can cause a VM not to be recommended are:
    • Missing NSG – The just in time solution requires an NSG to be in place.
    • Classic VM – Security Center just in time VM access currently supports only VMs deployed through Azure Resource Manager. A classic deployment is not supported by the just in time solution.
    • Other – A VM is in this category if the just in time solution is turned off in the security policy of the subscription or the resource group, or that the VM is missing a public IP and doesn’t have an NSG in place.

To configure you click on Recommended and select the Virtual Machine, for which you want to enable JIT.

Click on Enable JIT on VMs and configure the ports which should be managed by Just in time VM Access. Just in time VM access will recommend some default ports like RDP, SSH, and PowerShell Remoting. You can also add other ports to the virtual machine if you want or need to.

Requesting Just in time VM Access for Azure Virtual Machine

Request Just in time VM access

On the Configured section, you can select the VM you want to request access to and click on Request access. You can now choose the ports you want to be open for a specific time and a particular IP address. This will open up the ports, and after 2-3 minutes, you will be able to access the virtual machine.

To send such a request, the user who requests access to the Virtual Machine needs to have write access to the virtual machines in the Azure Role-Based Access Control (RBAC).

Auditing access activity

Of course, all the request get logged and can be reviewed in the Activity Log.

Licensing

Azure just in time VM access is licensed over Azure Security Center and needs the Standard Tier to be enabled for the specific virtual machine.

I hope this gives you an idea of how you can leverage Just in time VM access in Azure for your workloads.


Jun132018June 13, 2018January 12, 20197Commentsby Thomas Maurer
OpenSSH Server on Windows Server

Install OpenSSH Server on Windows Server

Posted in Cloud, Microsoft, Microsoft Azure, PowerShell, Windows, Windows 10, Windows Server, Windows Server 1709, Windows Server 1803

Back in 2017 Microsoft made OpenSSH available on Windows 10. Shorty after OpenSSH was also available for Windows Server, version 1709. This blog post should give you a simple step by step guy how you install OpenSSH Server on Windows Server. OpenSSH is available for Windows Server, version 1709 and higher. If you are running Windows Server 2016, and you want to stay in the long-term servicing branch, you will need to wait for the next Windows Server LTSC build.

Install OpenSSH Server on Windows Server

If you are running a Windows Server 1709 or higher, you can simply use PowerShell to install the OpenSSH Client and Server.

OpenSSH on Windows Server

You can use the following PowerShell commands to install the OpenSSH Server on the server.

 
Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'
 
# Install the OpenSSH Server
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
 
# Install the OpenSSHUtils helper module, which is needed to fix the ACL for ths host keys.
Install-Module -Force OpenSSHUtils

After the installation you can find the OpenSSH Server files and some more configuration options under “C:\Windows\System32\OpenSSH”

Next you need to configure the OpenSSH Server (sshd)

To enable authentication into an SSH server on Windows, you first have to generate host keys and repair the ACL on the host keys.

Configure OpenSSH Server on Windows

To configure the OpenSSH Server, just run the following PowerShell commands:

 
Start-Service ssh-agent
 
cd C:\Windows\System32\OpenSSH
 
# Generate Key
.\ssh-keygen -A
 
# Add Key
.\ssh-add ssh_host_ed25519_key
 
# Repair SSH Host Key Permissions
Repair-SshdHostKeyPermission -FilePath C:\Windows\System32\OpenSSH\ssh_host_ed25519_key
 
# Open firewall port
New-NetFirewallRule -Protocol TCP -LocalPort 22 -Direction Inbound -Action Allow -DisplayName SSH
# Consider to configure the Profile for the Firewall rule

Now you should be able to access your Windows Server using an SSH client.

OpenSSH Server on Windows Server

Remember if you run your server in Microsoft Azure, you might also need to configure the Network Security Group to allow SSH Remoting on port 22.

I hope this post help you and if you have any questions, please let me know in the comments.


Apr032018April 3, 2018June 16, 201911Commentsby Thomas Maurer
Hyper-V HVC SSH Direct for Linux VMs

HVC – SSH Direct for Linux VMs on Hyper-V

Posted in Cloud, Hyper-V, Microsoft, PowerShell, Virtualization, Windows, Windows 10, Windows Server, Windows Server 1803, Windows Server 2019, Work

If you are running Hyper-V on Windows 10 or Windows Server 2016, you probably know about a feature called PowerShell Direct. I also mentioned that PowerShell Direct is one of the 10 hidden features in Hyper-V you should know about. PowerShell Direct lets you remotely connect to a Windows Virtual Machine running on a Hyper-V host, without any network connection inside the VM. PowerShell Direct uses the Hyper-V VMBus to connect inside the Virtual Machine. Of course, this feature is convenient if you need it for automation and configuration for Virtual Machines. As this is great for Windows virtual machines, it does not work with Virtual Machines running Linux. In the latest Windows 10, Windows Server 1803 (RS4) and Windows Server 2019 (RS5) Insider Preview builds, Microsoft enabled a tool called HVC. HVC is a tool which allows you to do some command line VM management. HVC SSH is basically PowerShell Direct for Linux VMs.

This allows connecting to a Linux VM using SSH over the Hyper-V VMBus. You are also able to copy files inside a virtual machine using scp, similar to Copy-item -ToSession using PowerShell Direct. You can read more about PowerShell Direct on my blog or the Microsoft Doc pages.

How to connect to Linux VMs using SSH Direct

HVC SSH on Hyper-V

To connect to Linux VMs using SSH Direct (HVC) type hvc.exe into the command line or PowerShell. This will give you all the possible command options. Of course, SSH has to big configured inside the Linux virtual machine.

hvc ssh Thomas@VMNAME

To make this work, the SSH server inside the VM needs to be configured.

Final Thoughts

A pretty cool tool which will be available in the official releases of Windows 10 and Windows Server 1803, released this spring. Later this year this feature will also be included in Windows Server 2019. If you want to try it out today, give the Windows Insider Preview builds a spin.

Thanks to Ben Armstrong for pointing this out ;)


Jan302018January 30, 2018September 25, 20192Commentsby Thomas Maurer
Azure Stack Tools

Set up an Azure Stack Cloud Operator and Developer Workstation Environment

Posted in Cloud, Containers, Hyper-V, Microsoft, Microsoft Azure, Microsoft Azure Stack, PowerShell, Windows, Windows 10, Windows Server, Work

If you are responsible for managing and operating Azure Stack, you will need to enable a couple of tools to manage Azure Stack. This post should give you a summary of what you should do to setup your Azure Stack Operator and Developer workstation environment.

Operating System

Azure Stack Windows Admin Workstation

First of all, you should set up a clean base system. I usually use the latest version of Windows 10, right now the latest Windows 10 version is the Fall Creators Update which gives you some great features like the OpenSSH client or the Windows Subsystem for Linux build in, or I use Windows Server 2016 with Desktop Experience. Make sure you install all the latest updates for Microsoft Update.

Install Visual Studio Code

PowerShell for Visual Studio Code

Visual Studio Code is a new, free, lightweight cross-platform code editor for building modern web and cloud applications on Mac OS X, Linux, and Windows. It is perfect for editing JSON files and even writing some code. And it has a built-in Terminal, so you don’t have to switch between different windows.

I recommend you install the following Extensions:

code --install-extension ms-vscode.vscode-azureextensionpack
code --install-extension ms-vscode.powershell
 
code --list-extensions

Install SSH Client or Windows Subsystem for Linux (WSL)

OpenSSH Windows 10

To manage if you need to manage the hardware switches, border switches, Linux Virtual Machines running on Azure Stack is connected, SSH is the way to access it. Windows 10 now comes with several builtin options like the OpenSSH Client which you can install as an additional feature or for example the Windows Subsystem for Linux (WSL) which allows you to run several Linux tools on Windows directly. If you are using another version of Windows, the third-party application PuTTY is your friend.

You can also use PowerShell to install it:

Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'
 
# Install the OpenSSH Client
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
 
# Install the OpenSSH Server
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

Install Azure Stack PowerShell

Install Azure Stack PowerShell

Azure Stack compatible Azure PowerShell modules are required to work with Azure Stack. PowerShell commands for Azure Stack are installed through the PowerShell gallery. You can run the following commands to install it (Make sure there are no other Azure PowerShell Modules installed, if there are, the commands will remove them). If you also install Visual Studio, install Visual Studio first before you install the Azure Stack PowerShell.

# Trust the PowerShell Gallery
Set-PSRepository -Name "PSGallery" -InstallationPolicy Trusted
 
# Remove Existing Azure PowerShell Modules
Get-Module -ListAvailable | where-Object {$_.Name -like “Azure*} | Uninstall-Module
 
# Install the AzureRM.Bootstrapper module. Select Yes when prompted to install NuGet
Install-Module -Name AzureRm.BootStrapper
 
# Install and import the API Version Profile required by Azure Stack into the current PowerShell session.
Use-AzureRmProfile -Profile 2017-03-09-profile -Force
 
#Install Azure Stack Module
Install-Module -Name AzureStack -RequiredVersion 1.2.11
 
# Verify Installation
Get-Module -ListAvailable | where-Object {$_.Name -like "Azure*"}

If you need to install it on a machine which does not have access to the internet. check out the official Microsoft page: Install PowerShell for Azure Stack

Install Azure Stack tools

Azure Stack Tools

AzureStack-Tools is a GitHub repository that hosts PowerShell modules that you can use to manage and deploy resources to Azure Stack. This brings you several functionalities for Azure Stack management:

  • Deployment of Azure Stack – Helps prepare for Azure Stack deployment.
  • Resource Manager policy for Azure Stack – Constrains Azure subscription to the capabilities available in the Azure Stack.
  • Connecting to Azure Stack – Connect to an Azure Stack instance from your personal computer/laptop.
  • Setting up Identity for Azure Stack – Create and manage identity-related objects and configurations for Azure Stack
  • Azure Stack Service Administration – Manage plans and subscriptions in Azure Stack.
  • Azure Stack Compute Administration – Manage compute (VM) service in Azure Stack.
  • AzureRM Template validator – Validate Azure ARM Template Capabilities
  • Azure Stack Infrastructure Administration – Manage Azure Stack Infrastructure

You can get the Azure Stack tools from GitHub:

# Change directory to the root directory
cd \
 
# Download the tools archive
Invoke-WebRequest https://github.com/Azure/AzureStack-Tools/archive/master.zip -OutFile master.zip
 
# Expand the downloaded files
Expand-Archive master.zip -DestinationPath . -Force
 
# Change to the tools directory
cd AzureStack-Tools-master

You can directly open that folder in Visual Studio Code:

code C:\AzureStack-Tools-master

Configure Azure Stack PowerShell environment

As an Azure Stack user, you can configure your Azure Stack PowerShell environment. After you have configured the environment, you can use PowerShell to manage Azure Stack resources such as subscribe to offers, create virtual machines, deploy Azure Resource Manager templates, etc.

For an Azure Stack deployment which is using Azure Active Directory (AAD) as an Identity Provider, you can use the following commands:

# Navigate to the downloaded folder and import the **Connect** PowerShell module
Set-ExecutionPolicy RemoteSigned
Import-Module .\Connect\AzureStack.Connect.psm1
 
# For Azure Stack development kit, this value is set to https://management.local.azurestack.external. For a real Azure Stack solution this will be https://maangement.-region-.-fqdn-
$ArmEndpoint = "<Resource Manager endpoint for your environment>"
 
# For Azure Stack development kit, this value is set to https://graph.windows.net/.
$GraphAudience = "<GraphAudience endpoint for your environment>"
 
# Register an AzureRM environment that targets your Azure Stack instance
Add-AzureRMEnvironment `
-Name "AzureStackUser" `
-ArmEndpoint $ArmEndpoint
 
# Set the GraphEndpointResourceId value
Set-AzureRmEnvironment `
-Name "AzureStackUser" `
-GraphAudience $GraphAudience
 
# Get the Active Directory tenantId that is used to deploy Azure Stack
$TenantID = Get-AzsDirectoryTenantId `
-AADTenantName "<myDirectoryTenantName>.onmicrosoft.com" `
-EnvironmentName "AzureStackUser"
 
# Sign in to your environment
Login-AzureRmAccount `
-EnvironmentName "AzureStackUser" `
-TenantId $TenantID

Install and configure CLI for use with Azure Stack

Azure CLI

You can also use the Azure CLI 2.0 to manage Azure Stack.

Install Azure CLI on Windows using MSI

To install the CLI on Windows and use it in the Windows command-line, download and run the Azure CLI Installer (MSI).

Install with apt-get for Bash on Ubuntu on Windows (WSL)

  1. Open the Bash shell.
  2. Modify your sources list. 
    echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ wheezy main" | \
sudo tee /etc/apt/sources.list.d/azure-cli.list
  3. Run the following sudo commands: 
    sudo apt-key adv --keyserver packages.microsoft.com --recv-keys 52E16F86FEE04B979B07E28DB02C46DF417A0893
sudo apt-get install apt-transport-https
sudo apt-get update && sudo apt-get install azure-cli
  4. Run the CLI from the command prompt with the az command.

Connect to Azure Stack using the Azure CLI

If you are using Public Certificates for your Azure Stack, this is pretty straight forward, if you are using the Azure Stack Development Kit or an Internal CA, make sure your client trusts the Azure Stack CA root Certificate. You can find more here: Install and configure CLI for use with Azure Stack

Register your Azure Stack environment by running the az cloud register command.

Register as a cloud administrative environment:

  1. To register the cloud administrative environment, use: 
    az cloud register \
-n AzureStackAdmin \
--endpoint-resource-manager "https://adminmanagement.-region-.FQDN-" \
--suffix-storage-endpoint "-region-.FQDN-" \
--suffix-keyvault-dns ".adminvault.-region-.FQDN-" \
--endpoint-active-directory-graph-resource-id "https://graph.windows.net/" \
--endpoint-vm-image-alias-doc <URI of the document which contains virtual machine image aliases>
  2. Set the active environment by using the following commands. 
    az cloud set \
-n AzureStackAdmin
  3. Update your environment configuration to use the Azure Stack specific API version profile. To update the configuration, run the following command: 
    az cloud update \
--profile 2017-03-09-profile
  4. Sign in to your Azure Stack environment by using the az login command. You can sign in to the Azure Stack environment either as a user or as a service principal. 
    az login \
-u <Active directory global administrator or user account. For example: username@<aadtenant>.onmicrosoft.com> \
--tenant <Azure Active Directory Tenant name. For example: myazurestack.onmicrosoft.com>

Register the user environment, use:

  1. To register the user environment, use: 
    az cloud register \
-n AzureStackUser \
--endpoint-resource-manager "https://management.local.azurestack.external" \
--suffix-storage-endpoint "local.azurestack.external" \
--suffix-keyvault-dns ".vault.local.azurestack.external" \
--endpoint-active-directory-graph-resource-id "https://graph.windows.net/" \
--endpoint-vm-image-alias-doc <URI of the document which contains virtual machine image aliases>
  2. Set the active environment by using the following commands. 
    az cloud set \
-n AzureStackUser
  3. Update your environment configuration to use the Azure Stack specific API version profile. To update the configuration, run the following command: 
    az cloud update \
--profile 2017-03-09-profile
  4. Sign in to your Azure Stack environment by using the az login command. You can sign in to the Azure Stack environment either as a user or as a service principal. 
    az login \
-u <Active directory global administrator or user account. For example: username@<aadtenant>.onmicrosoft.com> \
--tenant <Azure Active Directory Tenant name. For example: myazurestack.onmicrosoft.com>

Install the Microsoft Azure Storage Explorer

Azure Stack Azure Storage Explorer

To access and manage Azure Stack Storage Accounts, you can also use the Microsoft Azure Storage Explorer tool. Microsoft Azure Storage Explorer (Preview) is a standalone app from Microsoft that allows you to quickly work with Azure Storage data on Windows, macOS, and Linux.

If you are running the Azure Stack Development Kit, you should again have a look at how you get the certificates in place, and you can find that here: Connect Storage Explorer to an Azure Stack subscription

  1. Install the Microsoft Azure Storage Explorer
  2. After Storage Explorer restarts, select the Edit menu, and then ensure that Target Azure Stack is selected. If it is not selected, select it, and then restart Storage Explorer for the change to take effect. This configuration is required for compatibility with your Azure Stack environment.
  3. To connect to the Azure Stack account, select Add an account.
  4. In the Connect to Azure Storage dialog box, under Azure environment, select Use Azure Stack Environment, and then click Next.
  5. To sign in with the Azure Stack account that’s associated with at least one active Azure Stack subscription, fill in the Sign in to Azure Stack Environment dialog box.
    The details for each field are as follows: Environment name: The field can be customized by the user.
    ARM resource endpoint: The samples of Azure Resource Manager resource endpoints: For cloud operator:
    https://adminmanagement.-region-.-FQDN-
    For tenant:
    https://management.-region-.-FQDN-
    Tenant Id: Optional. The value is given only when the directory must be specified.

This should help you quickly set up an Azure Stack Cloud Operator Workstation. What other tools do you need to manage and operator your Azure Stack? Leave a comment.

If you want to know more about the responsibilities and toolset of an Azure Stack Operator, check out my blog post at the Microsoft IT OpsTalk blog.


Dec182017December 18, 2017January 12, 20190Commentby Thomas Maurer
Windows SSH on WSL

Install and Configure OpenSSH Server on Windows 10 and Windows Server 1709

Posted in Cloud, Hyper-V, Microsoft, Microsoft Azure, Microsoft Azure Stack, PowerShell, Windows, Windows 10, Windows Server, Windows Server 1709, Work

A couple of weeks ago I already wrote about how OpenSSH is now available on Windows 10. In this blog post I will cover how to install and configure OpenSSH Server on Windows 10 and Windows Server 1709.

Today, OpenSSH Client and Server on Windows are still in Beta, so they should only be used in secure test environments and not in production.

First you have to install the OpenSSH feature on your Windows machine. Remember that it needs to be the Windows 10 Fall Creators Update (1709) or Windows Server version 1709 or higher.

Windows OpenSSH Server

 
Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'
 
# Install the OpenSSH Server
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
 
# Install the OpenSSHUtils helper module, which is needed to fix the ACL for ths host keys.
Install-Module -Force OpenSSHUtils

On Windows 10 you can also use the UI to install it.

Windows OpenSSH Server Folder

After the installation you can find the OpenSSH Server files and some more configuration options under C:\Windows\System32\OpenSSH

Now you need to configure the OpenSSH Server (sshd)

To enable authentication into an SSH server on Windows, you first have to generate host keys and repair the ACL on the host keys.

Configure OpenSSH Server on Windows

 
Start-Service ssh-agent
 
cd C:\Windows\System32\OpenSSH
 
# Generate Key
.\ssh-keygen -A
 
# Add Key
.\ssh-add ssh_host_ed25519_key
 
# Repair SSH Host Key Permissions
Repair-SshdHostKeyPermission -FilePath C:\Windows\System32\OpenSSH\ssh_host_ed25519_key
 
# Open firewall port
New-NetFirewallRule -Protocol TCP -LocalPort 22 -Direction Inbound -Action Allow -DisplayName SSH
# Concider to configure the Profile for the Firewall rule

Windows SSH on WSL

Now you should be able to connect to the Windows Machine using SSH for an SSH client. Of course this can be the OpenSSH client or the SSH client which comes with the Windows Subsystem for Linux on Windows 10.

Azure Network Security Group SSH

If you are running OpenSSH Server on a Windows 10 or Windows Server 1709 virtual machine in Microsoft Azure, don’t forget to also configure the Network Security Group (NSG) to allow SSH inbound access on port 22.

Also check out how you can do SSH from PowerShell: Using SSH with PowerShell


Nov222017November 22, 2017January 12, 20198Commentsby Thomas Maurer
OpenSSH Windows 10

Install SSH on Windows 10 as Optional Feature

Posted in Microsoft, PowerShell, Windows, Windows 10, Work

On Windows 10 you have already a couple of options to run SSH commands. You can use for example the PowerShell Module Posh-SSH or use the Windows Subsystem for Linux (WSL) or use third party tools like PuTTY.

Today my colleague Raphael Burri from itnetX mentioned that with the latest Windows 10 release, the Fall Creators Update (10.0.16299), there is another option to use SSH on Windows 10. It looks like you can now install a beta version of OpenSSH on Windows 10 as an optional feature.

Install SSH on Windows 10

Just go to the Settings App > Apps > Settings & Apps > Manage Optional Features > Add Feature and select the OpenSSH Client Beta and as you can see, you also have OpenSSH Server (Beta) available.

Add a feature OpenSSH Windows 10

You can also using PowerShell to install it:

 
Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'
 
# Install the OpenSSH Client
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
 
# Install the OpenSSH Server
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

After installing the optional feature OpenSSH Client, you can now use the SSH client from PowerShell or the Command Prompt

OpenSSH Windows 10

It is great to see Microsoft integrating even more options for SSH on Windows 10. I hope this posts helps you how to install SSH on Windows 10.



  • Follow Me

  • About

    Thomas Maurer

    My name is Thomas Maurer. I am a Senior Cloud Advocate at Microsoft. I am part of the Azure engineering team (Cloud + AI) and engage with the community and customers around the world. I am located in Switzerland. I am focusing on Microsoft technologies, especially cloud and datacenter solutions based on Microsoft Azure, Azure Stack and Windows Server. Opinions are my own.

  • Get Updates

  • Sponsor

  • Sponsor

    Starwind

  • Sponsor

    Scriptrunner PowerShell Ad

  • Sponsor

    Altaro Ad