Install:

Terminal window
Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
choco install openssh
cd "C:\Program Files\OpenSSH-Win64\"
.\install-sshd.ps1
sc.exe config sshd start=auto

Change default shell to PowerShell 6 (If you need one):

Terminal window
New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Program Files\PowerShell\6\pwsh.exe" -PropertyType String -Force

Generate keys for remote access:

  1. Login under proper user.
  2. Execute ssh-keygen.exe.
  3. Copy $Env:UserProfile\.ssh\id_rsa to your ssh client.
  4. Move or add $Env:UserProfile\.ssh\id_rsa.pub to $Env:UserProfile\.ssh\authorized_keys.
  5. Fix key file permissions:
Terminal window
$acl = Get-Acl $Env:UserProfile\.ssh\authorized_keys
$usersid = New-Object System.Security.Principal.Ntaccount("Everyone")
$acl.PurgeAccessRules($usersid)
$acl | Set-Acl $Env:UserProfile\.ssh\authorized_keys

For localized Windows: there’s no “Everyone”, but something in your language. Use GUI.

If things go wrong, debug with PSTools:

Terminal window
((New-Object System.Net.WebClient).DownloadFile('https://download.sysinternals.com/files/PSTools.zip', 'C:\PSTools.zip'))
Expand-Archive -LiteralPath 'C:\PSTools.zip' -DestinationPath 'C:\pstools'
sc.exe stop sshd
C:\pstools\PsExec64.exe -s sshd.exe -d