07 July 2021

Unfortunately, getting an SSH server up and running on Windows 10 isn’t quite as easy as it is on a Linux box. Fortunately for you, I’ve done a bit of digging to figure it out and then write up a quick blog post on it. If you use your favorite search engine to try to find information on it, you’ll probably come across this Microsoft Docs page, that appears to have sound instructions on how to get it up and running. In my experience, this not only doesn’t work but also installs a super old version of the Win32-OpenSSH server. What you actually want to do, is grab the latest release from the PowerShell/Win32-OpenSSH GitHub page, and then follow the installation instructions from their wiki. I won’t copy/paste them here in case they change, but I will throw in an additional tip. If you follow the instructions and then look at C:\Program Files\OpenSSH\sshd_config_default, you’ll notice that the last few lines look something like this:

Match Group administrators
    AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys

If you see this, and you want to be able to authenticate to your machine with SSH keys instead of entering your password every time, you’ll need to place your authorized keys file at C:\ProgramData\ssh\administrators_authorized_keys instead of the usual $home\.ssh\authorized_keys. This seemed kind of strange to me but it seems that the choice was made to avoid a local privilege escalation exploit. Don’t forget to fix the permissions on the file afterwards, and also make sure the file name is correct. If you create the file with notepad, it’ll probably append a .txt extension to it that you don’t want.


Questions? Concerns? Thoughts? Suggestions? Get in touch