Back to top

Windows - Installing an SSH server

Installing an SSH server on Windows 2000 or Windows XP

Cygwin is a collection of free software tools originally developed by Cygnus Solutions to allow various versions of Microsoft Windows to act somewhat like a UNIX system. It is a Linux-like environment for Windows that consists of two parts - a DLL (cygwin1.dll) which acts as a Linux API emulation layer providing substantial POSIX system call functionality and a collection of tools.

Install Cygwin and the SSH server

In order to install the OpenSSH sshd server on Windows you will need to do the following:

  1. Log on to Windows as an Administrator
  2. Create the folder C:\Cygwin
  3. Download Cygwin's setup.exe from here and save it in C:\Cygwin
  4. Launch the installer by double clicking on C:\Cygwin\setup.exe
    1. It is possible that you will get an Open File - Security Warning
    2. Simply click the Run button if you do
  5. Click Next
  6. Select Install from Internet and click Next
  7. At the Choose Installation Directory screen:
    1. Choose C:\Cygwin as the Root Directory
    2. Select Install For: All Users (RECOMMENDED)
  8. Click Next
  9. Choose C:\Cygwin as the Local Package Directory
  10. Click Next
  11. At the Select Connection Type menu - choose Direct Connection unless you know you are using another setting
  12. Click Next
  13. Choose a Download Site
  14. Click Next
  15. At the Cygwin Setup - Select packages Screen - click on the View button for "Full" view (the default view is "Category").
    1. Scroll down to find the package "openssh: The OpenSSH server and client programs" in the Package column. Click on the word "skip" so that a checked box appears in the Bin? column
    2. Scroll down to find the package "tcp_wrappers: Tools providing host-based access restrictions on tcp services" in the Package column. Click on the word "skip" so that a checked box appears in the Bin? column.
    3. Scroll down to find the package "vim: Vi Mproved - enhanced vi editor" in the Package column. Click on the word "skip" so that a checked box appears in the Bin? column.
  16. Click Next to begin the installation process
  17. Click Finish to close the installer

Configuring the SSH server

  1. Right click on My Computer --> Properties --> Advanced --> Environment Variables
  2. The upper portion contains a list of User variables and the lower portion contains a list of System variables. Click the New button underneath the System variables section to add a new system variable and add:
    1. Variable name: cygwin
    2. Variable value: ntsec
    3. Click OK to create the variable
    4. Click OK to close the Edit User Variable screen
    5. Click OK to close the Environmental Variables screen
    6. Click OK to close the System Properties screen
  3. Open a Cygwin window by launching C:\Cygwin\cygwin.bat - a black screen will appear. At the prompt type: ssh-host-config
    1. When the script asks "Should privilege separation be used?", answer yes
    2. When the script asks to "Create a new local account 'sshd'?", answer yes
    3. When the script asks to "Install sshd as a service?", answer yes
    4. When the script asks to "Enter the value of CYGWIN for the daemon:", answer ntsec

Starting the SSH server

  1. To start the sshd service, open a Cygwin window and type one of the following commands (they both accomplish the same thing):
    1. net start sshd
    2. cygrunsrv --start sshd
  2. In order to harmonize Windows user information with Cygwin - open a Cygwin window and type in the following commands (separately):
    1. mkpasswd --local > /etc/passwd
    2. mkgroup --local > /etc/group

Configure the Windows Firewall

If you are running Windows XP Service Pack 2 or Service Pack 3 - you have to configure the Windows Firewall to allow SSH traffic through it

  • Click on Start --> Control Panel --> Windows Firewall --> Exceptions Tab
  • Click the Add Port... button
  • Name: SSH
  • Port Number: 22
  • TCP
  • Click OK to add the SSH exception to the firewall
  • Click OK to close the Windows Firewall screen

Executing UNIX commands within a DOS window

If you want to be able to execute certain UNIX commands within a DOS command prompt window, do the following:

  • Right click on My Computer --> Properties --> Advanced --> Environment Variables
  • In the System variables section, highlight the Path variable and click the Edit button
  • Append the System variable by adding ;C:\Cygwin\bin to the end of the existing variable string
  • Click OK to close the Edit System Variable screen
  • Click OK to close the Environmental Variables screen
  • Click OK to close the System Properties screen

Names with spaces

If you have a Windows username that contains a space, you could expand the [space] into \[space] or use quotes. For example: If the Windows username is Ezra Cornell, you could log in with either of the following commands:

  • ssh Ezra\ Cornell@localhost
  • ssh "Ezra Cornell"@localhost

Reinstalling the SSH server

If you re-install Cygwin or run ssh-host-config when sshd is already installed, ssh-host-config will not ask for CYGWIN value. In that case, you have to stop and remove the sshd service, and then run the ssh-host-config script again.

  • cygrunsrv --stop sshd
  • cygrunsrv --remove sshd
  • ssh-host-config (enter the information as indicated above)
  • cygrunsrv --start sshd