Open ssh client windows

В Windows 10 и Windows Server 2019 появился встроенный SSH клиент, который вы можете использовать для подключения к *Nix серверам, ESXi хостам и другим устройствам по защищенному протоколу, вместо Putty, MTPuTTY или других сторонних SSH клиентов. Встроенный SSH клиент Windows основан на порте OpenSSH и предустановлен в ОС, начиная с Windows 10 1809.

Установка клиента OpenSSH в Windows 10

Клиент OpenSSH входит в состав Features on Demand Windows 10 (как и RSAT). Клиент SSH установлен по умолчанию в Windows Server 2019 и Windows 10 1809 и более новых билдах.

Проверьте, что SSH клиент установлен:

Get-WindowsCapability -Online | ? Name -like 'OpenSSH.Client*'

Картинка с сайта: winitpro.ru

В нашем примере клиент OpenSSH установлен (статус: State: Installed).

Если SSH клиент отсутствует (State: Not Present), его можно установить:

• С помощью команды PowerShell:
  Add-WindowsCapability -Online -Name OpenSSH.Client*
• С помощью DISM:
  dism /Online /Add-Capability /CapabilityName:OpenSSH.Client~~~~0.0.1.0
• Через Параметры -> Приложения -> Дополнительные возможности -> Добавить компонент. Найдите в списке Клиент OpenSSH и нажмите кнопку Установить.

Картинка с сайта: winitpro.ru

]Бинарные файлы OpenSSH находятся в каталоге c:\windows\system32\OpenSSH\.

• ssh.exe – это исполняемый файл клиента SSH;
• scp.exe – утилита для копирования файлов в SSH сессии;
• ssh-keygen.exe – утилита для генерации ключей аутентификации;
• ssh-agent.exe – используется для управления ключами;
• ssh-add.exe – добавление ключа в базу ssh-агента.

Картинка с сайта: winitpro.ru

Вы можете установить OpenSSH и в предыдущих версиях Windows – просто скачайте и установите Win32-OpenSSH с GitHub (есть пример в статье “Настройка SSH FTP в Windows”).

Как использовать SSH клиенте в Windows 10?

Чтобы запустить SSH клиент, запустите командную строку
PowerShell
или
cmd.exe
. Выведите доступные параметры и синтаксис утилиты ssh.exe, набрав команду:

ssh

usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
[-D [bind_address:]port] [-E log_file] [-e escape_char]
[-F configfile] [-I pkcs11] [-i identity_file]
[-J [user@]host[:port]] [-L address] [-l login_name] [-m mac_spec]
[-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address]
[-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]]
destination [command]

Картинка с сайта: winitpro.ru

Для подключения к удаленному серверу по SSH используется команда:

ssh username@host

Если SSH сервер запущен на нестандартном порту, отличном от TCP/22, можно указать номер порта:

ssh username@host -p port

Например, чтобы подключиться к Linux хосту с IP адресом 192.168.1.202 под root, выполните:

ssh [email protected]

При первом подключении появится запрос на добавление ключа хоста в доверенные, наберите yes -> Enter (при этом отпечаток ключа хоста добавляется в файл C:\Users\username\.ssh\known_hosts).

Затем появится запрос пароля указанной учетной записи, укажите пароль root, после чего должна открытся консоль удаленного Linux сервера (в моем примере на удаленном сервере установлен CentOS 8).

Картинка с сайта: winitpro.ru

С помощью SSH вы можете подключаться не только к *Nix подобным ОС, но и к Windows. В одной из предыдущих статей мы показали, как настроить OpenSSH сервер на Windows 10 и подключиться к нему с другого компьютера Windows с помощью SSH клиента.

Если вы используете SSH аутентификацию по RSA ключам (см. пример с настройкой SSH аутентификации по ключам в Windows), вы можете указать путь к файлу с закрытым ключом в клиенте SSH так:

ssh [email protected] -i "C:\Users\username\.ssh\id_rsa"

Также вы можете добавить ваш закрытый ключ в SSH-Agent. Сначала нужно включить службу ssh-agent и настроить ее автозапуск:

set-service ssh-agent StartupType ‘Automatic’
Start-Service ssh-agent

Добавим ваш закрытый ключ в базу ssh-agent:

ssh-add "C:\Users\username\.ssh\id_rsa"

Теперь вы можете подключиться к серверу по SSH без указания пути к RSA ключу, он будет использоваться автоматически. Пароль для подключения не запрашивается (если только вы не защитили ваш RSA ключ отдельным паролем):

ssh [email protected]

Еще несколько полезных аргументов SSH:

• -C
  – сжимать трафик между клиентом и сервером (полезно на медленных и нестабильных подключениях);
• -v
  – вывод подробной информации обо всех действия клиента ssh;
• -R
  /
  -L
  – можно использовать для проброса портов через SSH туннель.

SCP: копирование файлов из/в Windows через SSH

С помощью утилиты scp.exe, которая входит в состав пакета клиента SSH, вы можете скопировать файл с вашего компьютера на SSH сервер:

scp.exe "E:\ISO\CentOS-8.1.1911-x86_64.iso" [email protected]:/home

Картинка с сайта: winitpro.ru

Можно рекурсивно скопировать все содержимое каталога:

scp -r E:\ISO\ [email protected]:/home

И наоборот, вы можете скопировать файл с удаленного сервера на ваш компьютер:

scp.exe [email protected]:/home/CentOS-8.1.1911-x86_64.iso e:\tmp

Если вы настроите аутентификацию по RSA ключам, то при копировании файлов не будет появляться запрос на ввод пароля для подключения к SSH серверу. Это удобно, когда вам нужно настроить автоматическое копирование файлов по расписанию.

Итак, теперь вы можете прямо из Windows 10 подключаться к SSH серверам, копировать файлы с помощью scp без установки сторонних приложений и утилит.

Windows users normally use the Remote Desktop Protocol to access other Windows devices remotely. As RDP offers a remote graphical user interface (GUI), it is a convenient method for remote access. However, it offers limited functionality, especially if you are a sysadmin. For that purpose, some people prefer to use the Secure Socket Shell (SSH) protocol.

SSH provides a command-line interface to remote computers and servers, and therefore, a more granular control over them. Previously, we used third-party apps like “PuTTY” and “MobaXterm” to develop an SSH connection with the remote devices. However, Microsoft has made a Windows-native SSH client available which can be used instead.

OpenSSH for Windows is a Feature on Demand (FoD) add-on for the Windows operating system. This means that although it is free, it is not installed by default, and needs to be installed manually. If you install it, you can use the SSH protocol through the native command line to access and control the remote computers, provided that your user account has the required privileges.

This guide will show you how to install and use OpenSSH for Windows. These will work on both Windows 11 and Windows 10 (version 1809 and above). Using this guide, you can install both OpenSSH Client and OpenSSH Server in a few easy steps.

What is OpenSSH

The Secure Socket Shell, or Secure Shell is a networking protocol that allows a remote connection with another device securely. SSH uses a client-server model to communicate with remote computers and ensures data integrity through encryption. It uses multiple layers of the OSI reference model to make sure that the communicated data between the devices is secure.

Originally, OpenSSH was a tool used for remote connection with other devices which comes preinstalled in Linux-based operating systems. Since it is an open-source utility, it has been modified for other platforms, including Windows.

Microsoft has now made “OpenSSH for Windows” available that you can install with a small update package.

Before installing OpenSSH, your system needs to meet a few requirements.

Requirements for OpenSSH for Windows

Before proceeding to install either OpenSSH Client or Server, you must make sure that your PC satisfies the prerequisites, which are:

• OS should be Windows 10 version 1809 or later.
• The PowerShell version should be 5.1 or above
• The user account must be a member of the Administrators group.

To check the OS version, run the following command in the Run Command box:

WinVer

To check the PowerShell version, run the following command in PowerShell:

$PSVersionTable.PSVersion

To check if your user is a member of the Administrators group, run the following command in PowerShell. If it returns “True“, it means that you are a member of the Administrator group.

(New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

Once you have made sure that your PC satisfies these requirements, you may continue to install OpenSSH Client, OpenSSH Server, or both.

Install OpenSSH on Windows

Implement the following steps to install OpenSSH on your Windows computer to access it remotely. Optionally, you can also install “OpenSSH Server” to access this device from another PC using the SSH protocol.

1. Press the Windows key + i to open the Settings app.

2. Click System.

3. Go to “Optional Features“.

   

   Картинка с сайта: www.itechtics.com

4. Click “View features“.

   

   Картинка с сайта: www.itechtics.com

5. Search for “OpenSSH“.

6. Select “OpenSSH Client” and optionally, “OpenSSH Server“, and then click Next.

   

   Картинка с сайта: www.itechtics.com

7. Click Install.

   

   Картинка с сайта: www.itechtics.com

After performing these steps, OpenSSH Client (and Server) will be installed on your computer.

Note: These features can take some time to install.

Alternative to the steps above, you can also run the following command in an elevated PowerShell instance to install OpenSSH for Windows:

Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'

This command will install both OpenSSH Client and OpenSSH Server.

Using OpenSSH Client for Windows

Once OpenSSH Client for Windows has been installed, you can begin using it to connect with remote PCs on the network. Of course, OpenSSH has to be configured on the remote PC first, the method for which has been given below in this post.

First, confirm that it has been installed successfully by running the following command in Command Prompt:

ssh

Картинка с сайта: www.itechtics.com

Once confirmed, you can access a remote PC on the network which has SSH configured using this command:

ssh [Username]@[ServerName]

Картинка с сайта: www.itechtics.com

Note: You may be asked for user credentials if connecting for the first time.

Note that the command above will try to connect to the remote device using the default port, which is 22. If you want to use a different port, then you will need to use this command instead:

ssh [Username]@[ServerName] -p [PortNumber]

Картинка с сайта: www.itechtics.com

Configuring OpenSSH Server for Windows

If you have installed the OpenSSH Server on your Windows PC, you will need to configure it before you can connect to this PC using the SSH protocol.

Configuring the OpenSSH server can be a bit thicker. You need to make sure that it is allowed through the firewall and the proper ports. Therefore, it involves a few steps. Here is what you need to do:

1. First, run the following command in an elevated PowerShell to run the “sshd” service automatically.

   Set-Service -Name sshd -StartupType 'Automatic'

2. Now start the service with this command:

   Start-Service sshd

3. Now use the following command to ensure that the SSH server is running and waiting for the connections on port 22:

   netstat -na| find ":22"

4. Now ensure that the Windows Defender Firewall allows inbound connections to Windows through the TCP port 22 with this command:

   Get-NetFirewallRule -Name *OpenSSH-Server* |select Name, DisplayName, Description, Enabled

   

   Картинка с сайта: www.itechtics.com

5. [Conditional] If you find that the rule is missing or disabled, run the following command to create a new inbound rule:

   New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22

6. To change the default rules for the SSH connection, run the following command in PowerShell which will open the respective OpenSSH file in Notepad:

   start-process notepad C:\Programdata\ssh\sshd_config

7. Make the necessary changes in the file to manage the permissions, and then save the file using the CTRL + S shortcut keys.

   Here are a few examples of the rules:

   • Deny domain user: DenyUsers itt\administrator@192.168.10.10
   • Allow a domain group: AllowGroups itt\sshadmins
   • Allow local groups: AllowGroups Administrators
   

   Картинка с сайта: www.itechtics.com

8. After making the changes, run the following command in PowerShell:

   restart-service sshd

After performing the steps above, you should be able to connect to this PC using the SSH protocol. For that purpose, use the command ssh [Username]@[ServerName] as discussed above.

Conclusion

With SSH, you do not need to perform a long string of operations to perform a simple task. Instead, you can access it with Windows-native OpenSSH and continue to manage the remote PC using commands. This makes OpenSSH for Windows an excellent utility for network and system administrators.

How to Download, Install, and Configure OpenSSH for Windows

Download

To get started with OpenSSH for Windows, select the appropriate file from the list on the right. Choose the version that matches your system’s architecture:

• ARM: For ARM-based Windows devices
• ARM64: For 64-bit ARM architecture
• Win32: For 32-bit Windows systems
• Win64: For 64-bit Windows systems

Download the corresponding installer (.msi) or zip file for your platform. Symbol files are also available for debugging purposes if needed.

Install

For MSI Installers:

1. Run the downloaded .msi file.
2. Follow the on-screen instructions in the installation wizard.
3. The default installation location is usually C:\Program Files\OpenSSH, but you can choose a different path if desired.
4. After installation, OpenSSH server and client tools will be available on your system.

For Zip Files:

1. Download the zip file for your platform.
2. Extract the contents to your preferred location, such as C:\OpenSSH.
3. Add the OpenSSH binaries to your system’s PATH environment variable to make the command-line tools accessible.

Configure

Server Configuration:

1. Go to the OpenSSH installation directory.
2. Locate the sshd_config file. This file allows you to customize settings such as:
   • Permitted users
   • Authentication methods (password or key-based)
   • Port and address configurations
3. Edit the configuration file with a text editor to meet your security requirements.
4. Save the changes and restart the OpenSSH server service.

Client Configuration:

OpenSSH client tools, including ssh and scp, are included. Use these tools to securely connect to remote systems. For example, use the ssh command to connect to a remote server.

Verify Installation

After installation, verify that OpenSSH is properly installed by checking the version information through the command line.

In the realm of modern computing, secure connections are paramount, especially for developers, system administrators, and anyone working with remote servers. OpenSSH (Open Secure Shell) is a robust suite of tools that provides encrypted communication over an unsecured network. Windows 11, like its predecessor Windows 10, includes an OpenSSH Client, making it easier than ever to connect to remote systems securely. In this comprehensive guide, we will walk through the step-by-step process of installing and configuring OpenSSH Client on Windows 11.

Understanding OpenSSH and its Importance

OpenSSH is a set of tools that allows you to securely connect to servers and machines over a network. It uses cryptographic techniques to protect the communication between your computer and the server, ensuring that sensitive data such as passwords, commands, and files are kept secure from eavesdropping or tampering. The most common tools included in the OpenSSH suite are:

• SSH (Secure Shell): Used for secure remote login to computers.
• SCP (Secure Copy Protocol): Used for securely transferring files between computers.
• SFTP (SSH File Transfer Protocol): Provides a secure way of transferring files and managing file systems over SSH.

Prerequisites for Installation

Before proceeding with the installation of OpenSSH Client on your Windows 11 system, you should ensure that:

1. Windows 11 is Installed: Check for any pending updates to ensure you are running the latest version of Windows 11.
2. Administrator Privileges: Ensure you have administrator access to your machine, as the installation process may require elevated permissions.
3. Internet Access: A stable internet connection is necessary if you are downloading packages or updates.

Checking If OpenSSH Client is Already Installed

Before diving into the installation process, it’s wise to check if OpenSSH Client is already installed on your system. Windows 11 includes OpenSSH Client by default, but it may not be enabled.

Steps to Check OpenSSH Installation:

1. Open Windows Terminal: You can do this by searching for «Terminal» in the Start menu.
2. Run the SSH Command: Type the following command and hit Enter:

   ssh

3. Interpret the Output:
   • If OpenSSH Client is installed, you will see a list of options and instructions for using the ssh command.
   • If you receive an error like “command not found,” it indicates that OpenSSH Client is either not installed or not enabled.

Installing OpenSSH Client on Windows 11

If you found that OpenSSH Client is not installed, follow the steps below to install it.

Method 1: Using Windows Settings to Install OpenSSH Client

1. Open Settings: Click on the Start button and select Settings, or use the keyboard shortcut Windows + I.

2. Navigate to Apps: In the Settings window, click on Apps in the left sidebar.

3. Optional Features: Click on Optional features. Here, you’ll find a list of installed features as well as options to add new ones.

4. Add Feature: At the top of the Optional features menu, click on the Add an optional feature button.

5. Search for OpenSSH: In the search bar, type «OpenSSH Client». This should display the OpenSSH Client in the search results.

6. Install OpenSSH Client: Check the box next to OpenSSH Client and then click the Install button. Wait for the installation to complete.

7. Verify Installation: Once installed, you can verify its presence by opening the Windows Terminal and typing ssh again. If installed correctly, it will show the SSH options.

Method 2: Using PowerShell to Install OpenSSH Client

If you prefer using the command line, PowerShell can be a more efficient way to install OpenSSH Client.

1. Open PowerShell: Right-click on the Start button and select Windows Terminal (Admin) or search for «PowerShell» and run it as an administrator.

2. Check for OpenSSH Client: Before installing, it’s good practice to check if the feature is available:

   Get-WindowsCapability -Online | Where-Object { $_.Name -like 'OpenSSH*' }

3. Install the Client: If the OpenSSH Client is listed and its state is Not Present, run the following command:

   Add-WindowsCapability -Online -Name OpenSSH.Client

4. Confirmation Message: After running the command, you will receive a confirmation message once the installation successfully completes.

5. Verification: Just as before, type ssh in the terminal to confirm that the installation was successful.

Using OpenSSH Client

After successfully installing OpenSSH Client, it’s time to get acquainted with its functionalities. Below are some common commands you will frequently use:

1. Connecting to a Remote Server

To connect to a remote server, use the following command, replacing «username» with your actual username and «hostname» with the server address:

ssh username@hostname

Example:

ssh [email protected]

2. Using a Specific Port

If your SSH server is running on a non-standard port (other than 22), you can specify it using the -p option:

ssh -p PORT_NUMBER username@hostname

Example:

ssh -p 2222 [email protected]

3. Secure Copy (SCP)

To copy files from your local machine to a remote server, use the scp command:

scp /path/to/local/file username@hostname:/path/to/remote/directory

Example:

scp C:UsersYourNameDocumentsfile.txt [email protected]:/home/user/

To copy a file from a remote server to your local machine:

scp username@hostname:/path/to/remote/file /path/to/local/directory

4. SFTP for Secure File Transfer

For more advanced file management, SFTP provides a better user experience. To start an SFTP session, use the command:

sftp username@hostname

This will bring up an interface similar to FTP. You can use commands such as put, get, ls, and cd to navigate and transfer files.

5. Generating SSH Keys

For enhanced security, you may want to use SSH keys instead of passwords. To generate SSH keys, use the following command:

ssh-keygen

Follow the prompts to choose a file location (defaults to C:UsersYourName.sshid_rsa) and passphrase.

The public key will be saved as id_rsa.pub. You can add this key to the ~/.ssh/authorized_keys file on your remote server to allow password-less authentication.

Troubleshooting Common Issues

While installing and using OpenSSH Client is generally straightforward, you may encounter some issues. Here are some common problems and their solutions:

1. SSH Connection Issues

Symptoms: Unable to connect to the SSH server, timeout or refused connection errors.

Solution:

• Ensure that the SSH server is up and running on the remote machine.
• Check that you are using the correct hostname or IP address.
• Verify that any firewall settings on the local or remote machine are not blocking SSH connections.
• If using a specific port, make sure that you are specifying it correctly.

2. Permission Denied Errors

Symptoms: Receiving a «Permission denied» message when trying to log in.

Solution:

• Check that you are using the correct username.
• Ensure that your public key is correctly added to the ~/.ssh/authorized_keys file on the SSH server.
• Verify permissions on the SSH server. The .ssh directory should typically have 700 permissions, and the authorized_keys file should have 600 permissions.

3. Slow Connection Speeds

Symptoms: Experiencing lag or slow connection speeds when using SSH.

Solution:

• Check your internet connection. Ensure that there are no bandwidth hogs on your network.
• If connecting over a VPN, consider disconnecting to see if it improves speed.
• Use the -v option in the SSH command to enable verbose logging and diagnose issues.

Conclusion

Installing OpenSSH Client on Windows 11 is a straightforward process, whether you prefer using the Windows Settings interface or PowerShell. Once installed, OpenSSH Client gives you the ability to securely connect to remote systems, transfer files, and manage file transfers using powerful commands that are essential for any developer or IT professional.

With this guide, you should now have a solid understanding of how to install and utilize OpenSSH Client on your Windows 11 machine. Whether you’re managing remote servers or transferring files securely, OpenSSH Client is an invaluable tool in your toolkit. Embrace the power of secure communications and enhance your productivity in today’s digital landscape!