Windows ssh (openssh-server/openssh-client for Windows)

The open source openssh-server and the openssh-client are valuable tools for Linux users. This presentation focuses on the installation of both the ssh server and client in Windows 10/11 which are Windows 11 optional features. Windows does not have a native interface in Windows File Explorer to provide SFTP access the way that Linux does and so we install a Github project that adds this capability.

First, go into Windows Optional features and install both openssh-server and openssh-client in Windows if they are not already installed as shown in the tutorial.

So, in the video, I go into installing WinFsp, SSHFS-Win and SSHFS-Win-Manager which are valuable additions to windows ssh integration. WinFsp is system software that provides support for custom file systems on Windows. it is similar to FUSE (Filesystem in Userspace), which provides the same functionality on Linux computers. sshfs-win provides the ability to mount remote file systems via the SFTP protocol similiar to windows network drives. SSHFS-Win-Manager is an optional tool that provides a GUI front end to manage systems and authentication methods similar to the Windows putty client.

You can read about WinFsp at:

https://github.com/billziss-gh/winfsp/releases/latest?utm_source=crazyantlabs&utm_medium=blog

You can read about sshfs-win at:

https://github.com/billziss-gh/sshfs-win/releases/latest?utm_source=crazyantlabs&utm_medium=blog

You can read about sshfs-win-manager at:

https://github.com/evsar3/sshfs-win-manager

You can install all three with the Windows package manager winget from an Adminstrative Windows Powershell prompt:

winget install WinFsp.WinFsp 
winget install SSHFS-Win.SSHFS-Win
winget install --id=evsar3.sshfs-win-manager -e

In the powershell command line, we also want to create a public and private key pair for ssh authentication. Enter the following command and press enter at each of the prompts:

ssh-keygen -t rsa

At this point you can use ssh to connect to any Linux server on your network. Here’s an example:

ssh scott@172.16.1.50

Since Windows does not have an “ssh-copy-id” command to make a copy of your public key on a remote server, use the workaround in the following example adjusting your username and ip address of the remote system. Do this from a Windows Powershell:

type $env:USERPROFILE\.ssh\id_rsa.pub | ssh scott@172.16.1.51 "cat >> .ssh/authorized_keys"

The above command executed in a powershell will make a copy of your public key in the “authorized_keys” file of the remote Linux server. You will be prompted for your password on the remote system. This will allow automatic logon subsequently without credentials by simply using ssh to connect to the remote Linux server as in the following example:

ssh scott@172.16.1.50

Once your public key appears on the remote server, login will no longer require your password credentials.

In the video, I show examples of how to map a drive letter to a Linux server using SSHFS (this is really SFTP which is a part of openssh-server). I show how to do this in the video from Windows file explorer. You can also map a drive letter from the Windows command prompt:

net use s: \\sshfs\scott@172.16.1.51

You can see what is mapped:

net use

You can disconnect a mapping:

net use s: /d

As it turns out, you can use key based mapping without a password also:

net use t: \\sshfs.k\scott@172.16.1.51

The “\sshfs.k” also works to use key authentication from Windows File Explorer too!

1 Like