How to install OpenSSH on Windows 7 / 10

Use SSH on Windows, how running/launching graphical programs on remote computer in the same user session logon on Windows OS.

Requirements:
– OpenSSH (you can download the binaries from the official repository on github https://github.com/PowerShell/Win32-OpenSSH/releases)
– PsTools (official useful tools from Microsoft https://docs.microsoft.com/en-us/sysinternals/downloads/pstools)
– PowerShell

Install Pstools (by microsoft)

  1. Download the tools
  2. Copy the content of the folder PSTools under “C:\Windows\System32\”.
  3. Open the cmd as administrator and run C:\Windows\System32\psexec.exe, accept the eula license.

Install SSH Server on Windows 7 / 10

  1. Download the latest OpenSSH for Windows binaries (package OpenSSH-Win64.zip or OpenSSH-Win32.zip)
  2. As the Administrator, extract the package to %PROGRAMFILES%\OpenSSH
    note: the folder must be named “OpenSSH”
  3. Open PowerShell as the Administrator (right click on PowerShell icon, “run as administrator”), change directory to “C:\Program Files\OpenSSH” install sshd and ssh-agent services with the command
    > cd “%PROGRAMFILES%\OpenSSH”
    > powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps
  4.  Allow incoming connections to SSH server in Windows Firewall:
    – Either run the following PowerShell command (Windows 8 and 2012 or newer only), as the Administrator:

    New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22

    – or go to Control Panel > System and Security > Windows Firewall> Advanced Settings > Inbound Rules and add a new rule for port 22.

  5. Start the service and/or configure automatic start:
    ◦ Go to Control Panel > System and Security > Administrative Tools and open Services. Locate sshd service.
    ◦ If you want the server to start automatically when your machine is started: Go to Action > Properties. In the Properties dialog, change Startup type to Automatic and confirm.
    ◦ Start the sshd service by clicking the Start the service.
  6. Create the ~./.ssh folder under C:\Users\<user>\.ssh

  7. Create the file “authorized_keys” under ~./.ssh

  8. Run the scrips to fix/check correct permission a PowerShell with administrator privilege.

    > powershell.exe -ExecutionPolicy Bypass -File FixHostFilePermissions.ps1
    > powershell.exe -ExecutionPolicy Bypass -File FixUserFilePermissions.ps1
  9. Personalize your SSH server settings editing the configuration file %PROGRAMDATA%\ssh\sshd_config.

Install SSH Client on Windows 7 / 10

  1. Do the step from 1 to 2 from the above paragraph “Install SSH Server on Windows 7 / 10”

Enable public keys without using password on client

  1. Open cmd.exe as Administrator and run ssh-keygen.exe and press enter to all message for default configuration
> cd “%PROGRAMFILES%\OpenSSH”
> ./ssh-keygen.exe

Enable public keys without using password on Server

  1. Copy the private and public key on the ~.ssh folder of the user that you want use on the server.Run ssh-add.exe to add you private and public key to the ssh-agent.
    Note: ensure that ssh-agent is running.

    > ./ssh-add.exe

Run graphical programs on remote computer with Windows using psexec.exe

Connect to the remote machine with ssh and run notepad.exe on the remote computer in the same user sessions opened

> cd “%PROGRAMFILES%\OpenSSH”
> ssh.exe [remote_local_user]@[remote_ip] -i “C:\Users\\.ssh\id_rsa”
user@remote_ip> psexec.exe \\127.0.0.1 -d -i -s notepad.exe