If you know, you know.
I’ll admit it: this article isn’t for the average consumer.
I discovered something recently that I want to capture because it’s useful for system administrators, server maintainers, and advanced tinkerers — especially those comfortable or used to working with Linux and those who live in the Windows Command Prompt.
People like me.
Become a Patron of Ask Leo! and go ad-free!
The Windows OpenSSH Server
Microsoft provides an OpenSSH server that can be installed via Optional Features in Windows settings. Once installed, you can connect to a command prompt on your machine remotely using the SSH tool.
SSH
SSH stands for Secure SHell. It’s not so much a shell or command line program itself as it is a way to securely connect to command-line interfaces offered by various operating systems. The “secure” part of secure shell indicates that all communication is well-encrypted.
OpenSSH is an open-source implementation of the protocol used to communicate between an SSH program on one machine and an SSH server on another.
For example, here’s an SSH session on my Windows desktop open to the command line interface of the server currently hosting askleo.com.
It’s not at all uncommon for me to have these shells open as I administer this and several other servers on which I work. In fact, I have configured it so that opening a shell to any of my servers, as well as the Mac Pro in my basement, is a simple shortcut.
I’ve long lamented the lack of such an ability in Windows.
Rather than lamenting, I should have been looking, because apparently it’s been there for a very long time.
Install Open SSH Server
Click on the Start button and start typing “optional features”.
Click on Manage optional features when it appears.
Click on Add a feature near the top of the window. The result will be a list of available optional features.
Scroll down in the list until you find “OpenSSH Server”. Check its box and click on Install.
That’s it. Open SSH server is now installed on your system.
Accessing your system
In a command prompt from another machine on your local network, connecting can be as simple as typing
ssh <username>@<machine name>
For example, in a command prompt, I entered “ssh leon@noten2020”, where “leon” is an account on the machine named “noten2020”.
It is normal for SSH to warn you the first time you connect to a server that it has no previous record of its signature. Entering “yes” continues to a password prompt. Once you enter a password, you are running a Windows Command prompt directly on the remote machine.
Additional notes
The example account “leon” above is a local machine account. I’ve confirmed that Microsoft accounts also work, at least with some SSH clients, simply by specifying the entire email address as the username.
The popular “PuTTY” SSH client works well and is generally what I use.
I really only scratched the surface of the OpenSSH server and did not find any additional configuration options. My assumption is that there may be registry settings available to change whatever port it happens to be listening on as well as other options.
I was unable to get public-key authentication to work in the time I spent on it. I assume there’s a registry setting for that.
The OpenSSH server is installed as a Windows Service that can be enabled and disabled in the Services app.
Do this
Whether or not SSH is something you care about, consider subscribing to Confident Computing, my weekly newsletter. Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
Podcast audio
Related Video
“Entering “yes” continues to a password prompt. Once you enter a password, you are running a Windows Command prompt directly on the remote machine.”
What password is required? The user’s login password on the remote machine you’re connecting to?
Exactly.