Install:
Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))choco install opensshcd "C:\Program Files\OpenSSH-Win64\".\install-sshd.ps1sc.exe config sshd start=auto
Change default shell to PowerShell 6 (If you need one):
New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Program Files\PowerShell\6\pwsh.exe" -PropertyType String -Force
Generate keys for remote access:
- Login under proper user.
- Execute
ssh-keygen.exe
. - Copy
$Env:UserProfile\.ssh\id_rsa
to your ssh client. - Move or add
$Env:UserProfile\.ssh\id_rsa.pub
to$Env:UserProfile\.ssh\authorized_keys
. - Fix key file permissions:
$acl = Get-Acl $Env:UserProfile\.ssh\authorized_keys$usersid = New-Object System.Security.Principal.Ntaccount("Everyone")$acl.PurgeAccessRules($usersid)$acl | Set-Acl $Env:UserProfile\.ssh\authorized_keys
For localized Windows: there’s no “Everyone”, but something in your language. Use GUI.
If things go wrong, debug with PSTools
:
((New-Object System.Net.WebClient).DownloadFile('https://download.sysinternals.com/files/PSTools.zip', 'C:\PSTools.zip'))Expand-Archive -LiteralPath 'C:\PSTools.zip' -DestinationPath 'C:\pstools'sc.exe stop sshdC:\pstools\PsExec64.exe -s sshd.exe -d