Windows Server 2022 SSH Install and Config¶
Useful links¶
Installing OpenSSH
Installing OpenSSH¶
1. Check if OpenSSH is installed¶
- If it's installed, you can skip to ...
2. Install the OpenSSH Client¶
3. Install the OpenSSH Server¶
Configure OpenSSH
Configuring Authorized SSH Keys¶
Step 1: Disable PasswordAuthentication and enable PubkeyAuthentication within the ssh_config file¶
Step 1: Add your public key¶
- [note] You will need to generate the key on your own, then paste the public key here
Step 2: Set Permissions for Administrator Authorized Keys¶
Run the following commands to secure administrators_authorized_keys:
icacls "C:\ProgramData\ssh\administrators_authorized_keys"
icacls "C:\ProgramData\ssh\administrators_authorized_keys" /remove "NT AUTHORITY\Authenticated Users"
icacls "C:\ProgramData\ssh\administrators_authorized_keys" /inheritance:r
icacls "C:\ProgramData\ssh\administrators_authorized_keys" /grant "SYSTEM:R"
icacls "C:\ProgramData\ssh\administrators_authorized_keys" /grant "BUILTIN\Administrators:F"
Step 3: Restart OpenSSH Service¶
After updating permissions, restart the sshd service:
Start and enable OpenSSH
1. Start the OpenSSH¶
# Start the sshd service
Start-Service sshd
# Confirm the Firewall rule is configured. It should be created automatically by setup. Run the following to verify
if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue | Select-Object Name, Enabled)) {
Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
} else {
Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
}