Buried in the list of optional features that can be installed in Windows 10 are the beta versions of a OpenSSH Client and an OpenSSH Server. The client allows you to connect to remote SSH servers directly from the Windows command line and the server allows remote users to to remotely connect to Windows 10 and receive a command prompt over SSH. For those who would like remote console access to their Windows 10 computers, the built-in Windows 10 OpenSSH Server may be what you are looking for.
![Cygwin Cygwin](https://www.maketecheasier.com/assets/uploads/2014/09/install-cygwin-select-install-directory.png)
Even better, for those who are familiar with OpenSSH from using it in Linux, the Windows 10 version operates pretty much the same. While the is really easy to install and use.
Figuring out how to get the OpenSSH Server up and running was a real pain as you have to do a lot of undocumented changes to permissions & privileges and the key generation doesn't work as expected. Now that I have figured it all out, though, it should take you no more than 10 minutes to follow these instructions and install a working OpenSSH Server implementation in Windows 10. Installing the Windows 10 OpenSSH Server The first step is to click on the Windows Start Menu ( ) and then in the search field type option. A search result labeled Manage optional features will be displayed, which you should click on. This will open up the Manage optional features screen as shown below. Manage Optional Features screen This screen shows all the currently installed optional Windows features.
Now click on the Add a feature button as indicated by the red arrow above. This will open up a list of optional features that can be installed. Most of them are font packs, but if you scroll down, you will see a feature called OpenSSH Server (Beta).
Windows 10 OpenSSH Server Installed You can now close this window. After the installation, two new Windows services called sshd and sshd-agent will have been created and the associated files will be stored in the folder C: Windows System32 OpenSSH. OpenSSH Service is missing a privilege The missing privilege that the service needs is Replace a Process Level Token and we have to add it to the NT Service sshd account. To do that, open the Local Security Policy Editor by searching for secpol in the Start Menu and selecting the Local Security Policy result that appears. When the Local Security Policy Editor opens, you should expand Local Policies and left click on User Rights Assignment.
Once you have selected User Rights Assignment, you will see various privileges in the right pane. Scroll down till you see the Replace a process level token privilege and double-click on it. This will open the properties for that privilege and show the accounts or groups that it is currently assigned to. Error 1067 when you try to start the SSHD service If you look in the C: Windows System32 OpenSSH Logs sshd.log file it will display errors like the following.
Dec 18, 2018 - In Windows, Cygwin provides the necessary tools and libraries for. That there should not be any blanks in the folder names of the installation.
5272 11:06:28:910 error: Could not load host key:./ssh_host_rsa_key 5272 11:06:28:910 error: Could not load host key:./ssh_host_dsa_key 5272 11:06:28:910 error: Could not load host key:./ssh_host_ed25519_key 5272 11:06:28:910 sshd: no hostkeys available -- exiting. SSHD is displaying these errors because you have not generated the host keys that will be used to encrypt the traffic between the server and client. To create these keys we need to execute the C: Windows System32 OpenSSH ssh-keygen.exe -A command from an so that the keys are created in the C: Windows System32 OpenSSH folder. Using the 'ssh-keygen -A' command will generate a key using the default key file path, an empty passphrase, default bits for the key type, and default comment. Normally, I would add a passphrase to the key, but in the current bundled Windows 10 version of OpenSSH, ssh-keygen will respond with a 'failed: invalid argument' error when you try and add a passphrase. When you run the C: Windows System32 OpenSSH ssh-keygen.exe -A command, it will generate a private key named ssh_host_ed25519_key and a public key named ssh_host_ed25519_key.pub in the C: Windows System32 OpenSSH folder.
![Install Install](http://hussainweb.me/wp-content/uploads/2016/07/cygwin-mirrors.png)
Running ssh-keygen.exe When ssh-keygen is finished creating and saving your key, it will bring you back to the command prompt as shown above. You can type exit and press enter to exit the elevated command prompt. Unfortunately, we are not done yet and if you try to start the sshd service, Windows will again respond with an 'Error 1067'. This is because the NT Service sshd account does not have access to the C: Windows system32 OpenSSH ssh_host_ed25519_key file.