DEV Community

John  Ajera
John Ajera

Posted on

9

Configure SSH Login from Windows to Windows

Configure SSH Login from Windows to Windows

Setting up SSH login allows you to securely connect between two Windows machines. This is useful for remote management, automation, and scripting tasks.


Step 1: Verify User Requirements on the Destination Machine

Before proceeding with SSH setup, ensure the following requirements are met for the user account that will be accessed remotely:

  1. The user must exist on the destination machine

    • Use username@hostname or hostname\username for local accounts.
    • Use DOMAIN\username if logging into a domain-joined machine.
  2. The user must have a password

    • Windows OpenSSH does not allow empty passwords by default.
  3. The user must have SSH access

    • Check if they are not blocked in C:\ProgramData\ssh\sshd_config.
    • Ensure AllowUsers (if used) includes the username.
  4. The user must have remote login rights

    • In Local Security Policy (secpol.msc), check:
      • Allow log on through Remote Desktop Services
      • Deny log on locally (must not include the user).
  5. Ensure the user has a valid home directory

    • The profile should exist under C:\Users\username.
  6. If non-admin, grant SSH access

    • If restricted, run:
     icacls C:\ProgramData\ssh\sshd_config /grant Users:RX
    

Step 2: Install OpenSSH

On the Destination Machine (SSH Server):

  1. Open PowerShell with administrative privileges:
  • Press Win + S, type PowerShell, right-click on Windows PowerShell, and select Run as Administrator.
  1. Check if OpenSSH Server is installed:
   Get-WindowsCapability -Online | Where-Object Name -like '*OpenSSH.Server*'
Enter fullscreen mode Exit fullscreen mode

If it shows State : NotPresent, install OpenSSH Server:

   Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
Enter fullscreen mode Exit fullscreen mode
  1. Start and enable the SSH service:
   Start-Service sshd
   Set-Service -Name sshd -StartupType Automatic
Enter fullscreen mode Exit fullscreen mode
  1. Allow SSH through Windows Firewall:
   New-NetFirewallRule -Name "OpenSSH" -DisplayName "OpenSSH Server" -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
Enter fullscreen mode Exit fullscreen mode

On the Source Machine (SSH Client):

  1. Check if OpenSSH Client is installed:
   Get-WindowsCapability -Online | Where-Object Name -like '*OpenSSH.Client*'
Enter fullscreen mode Exit fullscreen mode

If it shows State : NotPresent, install OpenSSH Client:

   Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
Enter fullscreen mode Exit fullscreen mode

Step 3: Start an SSH Session Between Windows Machines

  1. On the source machine, open PowerShell or Command Prompt.
  2. Connect to the destination machine:
   ssh username@destination-ip
Enter fullscreen mode Exit fullscreen mode
  1. If prompted, enter the password for the destination machine.

Step 4: Verify SSH Connection

  1. Once connected, run a simple command to verify access:
   whoami
Enter fullscreen mode Exit fullscreen mode

This should return the username of the logged-in session.

  1. If you need to transfer files using SCP, use:
   scp C:\path\to\file.txt username@destination-ip:C:\destination\path\
Enter fullscreen mode Exit fullscreen mode

Troubleshooting (Use Command Prompt for These Steps)

If SSH fails to connect:

  1. Restart the SSH service on the destination machine:
   net stop sshd && net start sshd
Enter fullscreen mode Exit fullscreen mode
  1. Ensure SSH is listening on port 22:
   netstat -an | findstr :22
Enter fullscreen mode Exit fullscreen mode

If the port is not open, restart the SSH service and check firewall settings.

  1. If SSHD fails to start, check logs:
   wevtutil qe Application /q:"*[System[Provider[@Name='sshd']]]" /c:10 /rd:true /f:text
Enter fullscreen mode Exit fullscreen mode

Look for errors related to missing keys or incorrect permissions.

  1. Ensure SSH host keys exist:
   cd C:\ProgramData\ssh
   ssh-keygen -A
   net stop sshd && net start sshd
Enter fullscreen mode Exit fullscreen mode

Conclusion

Setting up SSH login from Windows to Windows enables secure remote access. This setup is useful for remote management, automation, and system administration.

If you run into any issues or have additional tips, feel free to share in the comments! 😊

Do your career a big favor. Join DEV. (The website you're on right now)

It takes one minute, it's free, and is worth it for your career.

Get started

Community matters

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

👋 Kindness is contagious

Immerse yourself in a wealth of knowledge with this piece, supported by the inclusive DEV Community—every developer, no matter where they are in their journey, is invited to contribute to our collective wisdom.

A simple “thank you” goes a long way—express your gratitude below in the comments!

Gathering insights enriches our journey on DEV and fortifies our community ties. Did you find this article valuable? Taking a moment to thank the author can have a significant impact.

Okay