This is probably my first article on Microsoft Windows. Some days back, I was asked to perform some tasks on Windows, though I’m not really a big fan of Windows, I managed to do it. Prior to the tasks, I wanted to have my usual SSH capabilities to log on the server, so I decided to install OpenSSH on the Windows 2012 R2 server. Microsoft has a repository for OpenSSH on Github. An interesting thing about Windows is that SSH has now been brought to Windows 2016. Well, I decided to add a new category on tunnelix.com about ‘Windows‘. Comment below if you find this weird!
1. Point yourself into the directory where you want the file to be downloaded. In my case, it is the directory: C:\Users\Administrator\Desktop :
PS C:\Users\Administrator> cd C:\Users\Administrator\Desktop
2. The installation is pretty simple. You will need to download the .zip file from the Github repository using the Invoke-WebRequest command. By default, Invoke-WebRequest command supports TLS 1.1 and same has been deprecated. So you might need to change the security protocol to TLS1.2 or TLS1.3 using the following command:
PS C:\Users\Administrator\Desktop> [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
3. Then download the binary using the Invoke-WebRequest:
PS C:\Users\Administrator\Desktop> Invoke-WebRequest -Uri "https://github.com/PowerShell/Win32-OpenSSH/releases/download/v7.7.2.0p1-Beta/OpenSSH-Win64.zip" -OutFile "powershell.zip"
4. On a fresh installation, Windows 2012 R2 does not have the Expand-Archive command, so we will use .NET directly. Add-Type loads a .dll with the necessary .net functions in your current session. then [io.compression.zipfile] is a reference to that loaded .dll and ::ExtractToDirectory is the way to call a function from that dll :
PS C:\Users\Administrator\Desktop> Add-Type -assembly "system.io.compression.filesystem"
5. Now, we can unzip the file:
PS C:\Users\Administrator\Desktop> [io.compression.zipfile]::ExtractToDirectory( 'C:\Users\Administrator\Desktop\powershell.zip','C:\Users\Administrator\Desktop' )
6. After unzipping the file, get into the directory that has been unzipped and launch the installation:
PS C:\Users\Administrator\Desktop> cd .\OpenSSH-Win64
PS C:\Users\Administrator\Desktop\OpenSSH-Win64> .\install-sshd.ps1
7. The output should look as follows:
**** Warning: Publisher OpenSSH resources are not accessible.
[SC] SetServiceObjectSecurity SUCCESS
[SC] ChangeServiceConfig2 SUCCESS
[SC] ChangeServiceConfig2 SUCCESS
sshd and ssh-agent services successfully installed
8. The following command will show the status of the SSHD service:
PS C:\Users\Administrator\Desktop\OpenSSH-Win64> get-service | findstr ssh
Stopped ssh-agent OpenSSH Authentication Agent
Stopped sshd OpenSSH SSH Server
9. Launch the service with the following command:
PS C:\Users\Administrator> Start-Service sshd
10. You might need to add firewall rules to allow port 22 on the machine
PS C:\Users\Administrator> netsh advfirewall firewall add rule name=SSHPort dir=in action=allow protocol=TCP localport=22
11. You can also configure OpenSSH server to start automatically after the server reboot.
PS C:\Users\Administrator> Set-Service -Name sshd -StartupType "Automatic"
OpenSSH must be ready by now. You can SSH on your Windows server now. In future articles, I will blog more about Windows system administration, LDAP on Windows and more about Windows 2016 server. Enjoy 🙂