https://k2.ixota.com/index.php?action=history&feed=atom&title=Windows%2FSSH
Windows/SSH - Revision history
2026-06-26T16:08:12Z
Revision history for this page on the wiki
MediaWiki 1.33.1
https://k2.ixota.com/index.php?title=Windows/SSH&diff=5857&oldid=prev
Kenneth at 17:50, 12 March 2021
2021-03-12T17:50:42Z
<p></p>
<p><b>New page</b></p><div>== Chocolatey ==<br />
<br />
<pre><br />
Set-ExecutionPolicy Bypass -Scope Process -Force<br />
[System.Net.ServicePointManager]::SecurityProtocol = 3072<br />
iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))<br />
<br />
<br />
$env:chocolateyUseWindowsCompression = 'true'<br />
choco install -y openssh -params '"/SSHServerFeature"'<br />
</pre><br />
<br />
=== Config ===<br />
<br />
C:\ProgramData\ssh<br />
<br />
sshd_config:<br />
AuthorizedKeysFile .ssh/authorized_keys<br />
<br />
<pre><br />
Match Group administrators<br />
AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys<br />
</pre><br />
<br />
=== SSH Keys ===<br />
<br />
Place the keys in<br />
C:\ProgramData\ssh\administrators_authorized_keys<br />
<br />
Fix the permissions with Powershell:<br />
<pre><br />
$acl = Get-Acl C:\ProgramData\ssh\administrators_authorized_keys<br />
$acl.SetAccessRuleProtection($true, $false)<br />
$administratorsRule = New-Object system.security.accesscontrol.filesystemaccessrule("Administrators","FullControl","Allow")<br />
$systemRule = New-Object system.security.accesscontrol.filesystemaccessrule("SYSTEM","FullControl","Allow")<br />
$acl.SetAccessRule($administratorsRule)<br />
$acl.SetAccessRule($systemRule)<br />
$acl | Set-Acl<br />
</pre><br />
<br />
ref: https://www.concurrency.com/blog/may-2019/key-based-authentication-for-openssh-on-windows<br />
<br />
== Ansible ==<br />
<br />
<pre><br />
- name: Install openssh<br />
win_chocolatey:<br />
name: openssh<br />
package_params: /SSHServerFeature<br />
state: present<br />
tags: openssh<br />
</pre><br />
<br />
ref: https://curiousdba.netlify.app/post/windowsopenssh/</div>
Kenneth