In the modern era of hybrid working environments, securing remote connections is paramount. Windows 11, keeping pace with this need, facilitates the integration of OpenSSH server for a secure remote login, utilizing key-based authentication. This post delineates a step-by-step approach to set up OpenSSH server, manage key-based authentication, and handle service operations seamlessly using PowerShell.
Installing OpenSSH Server using PowerShell
- Launch PowerShell as an Administrator.
- Execute the following command to install OpenSSH Server:
Add-WindowsFeature -Name OpenSSH.Server- Once installed, you can check the installation with:
Get-WindowsFeature -Name OpenSSH.*Managing SSH Public Key
For User Access:
- Save the public key in C:\Users\<username>\.ssh\authorized_keys.
For Administrator Access:
- Save the public key in C:\ProgramData\ssh\administrators_authorized_keys.
Adding the Key using PowerShell:
Add-Content -Path "C:\Users\<username>\.ssh\authorized_keys" -Value $(Get-Content -Path "<path_to_public_key>")Managing OpenSSH Service
# check service status
Get-Service -Name sshd
# start service
Start-Service sshd
# stop service
Stop-Service sshd
# restart service
Restart-Service sshdUnderstanding SSH-Agent
SSH-Agent is a background program that handles private key operations. It stores your private keys securely, requiring you to unlock them only once, thus easing the authentication process.
Generating SSH Key using PowerShell
ssh-keygen -t ed25519Follow the on-screen instructions to specify a path and passphrase for your keys.
Adding Key to SSH-Agent
Start-Service ssh-agent ssh-add $env:USERPROFILE\.ssh\id_ed25519Utilizing the Key for Secure Connection
For using the stored keys in SSH Agent, just run a SSH client as always:
ssh username@server_addressBy following the above-mentioned steps, you not only set up a robust OpenSSH server on Windows 11 but also ensure a secure remote connectivity through key-based authentication.