Setup SSH Server in Windows 10 or Windows Server, Online or Offline

Install OpenSSH

Online

Jump to Install OpenSSH Offline if your OS has no internet connection.

  1. Press Win + i to open Settings.
  2. Navigate to Apps - Apps & features - Optional features.
  3. Click Add a feature.
  4. Type openssh in search box to find OpenSSH Server.
  5. Select it and click Install.

Offline

Jump to next section if you've installed it online.

  1. On a computer having internet access, download OpenSSH Win64 (or Win32) on GitHub.
  2. Copy downloaded archive to the offline computer.
  3. On the offline computer, unzip the content of the archive to C:\Windows\System32\OpenSSH.
  4. Press Win + r, type powershell and press Ctrl + Shift + Enter to run PowerShell as administrator.
  5. In opened PowerShell, execute below commands.
    cd $env:SystemRoot/System32/OpenSSH
./install-sshd.ps1
  6. If below message is prompted, enter R and press Enter. 
    Do you want to run software from this untrusted publisher?
File C:\Windows\System32\OpenSSH\install-sshd.ps1 is published by CN=Microsoft Corporation, O=Microsoft Corporation,
L=Redmond, S=Washington, C=US and is not trusted on your system. Only run scripts from trusted publishers.
[V] Never run  [D] Do not run  [R] Run once  [A] Always run  [?] Help (default is "D"):
  7. If succeeds, the below texts will be prompted. 
    [SC] SetServiceObjectSecurity SUCCESS
[SC] ChangeServiceConfig2 SUCCESS
[SC] ChangeServiceConfig2 SUCCESS
sshd and ssh-agent services successfully installed

Tweak Your Configurations

If you want to tweak your SSH server configuration, edit file %ProgramData%\ssh\sshd_config. When troubleshooting, add these to your config can generate a verbose debug log in folder logs. 

SysLogFacility  LOCAL0
LogLevel        DEBUG3

Enable the Service

  1. Press Win + r, type services.msc and press Enter.
  2. Find OpenSSH SSH Server and double click on it.
  3. Change its startup type to automatic, click Start and then click OK.

Add Rules in Windows Firewall

  1. Press Win + r, type wf.msc and press Enter to open Windows Firewall settings.
  2. On left panel, select inbound rules.
  3. On right panel, select new rule....
  4. Select port for rule type, and click next.
  5. Select TCP for protocol and specific local ports for ports, and type 22 in it. 22 is the default port for SSH, if you changed it in your config, fill yours in instead.
  6. Select allow the connection for action and click next.
  7. Check the network types you would like to open SSH server to and click next.
  8. Give this rule a proper name.
  9. Click finish.

All finished! Now you can connect it using command:

ssh username@hostname

Change Default Shell for SSH

If you want to use it as a git server, command git clone username@hostname:repo.git might fail with below error: 

'git-upload-pack' is not recognized as an internal or external command,
operable program or batch file.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

To solve this, you need to change default shell for SSH to Git Bash

Run PowerShell as administrator and execute following command. Note that you need replace C:\Program Files\Git\bin\bash.exe with your path to bash.exe: 

New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" `
    -Name DefaultShell `
    -Value "C:\Program Files\Git\bin\bash.exe" `
    -PropertyType String -Force
Back to Top | Home Page | GitHub | Email Me