Windows Server 2022 Jumpbox
This guide explains how to connect to a Windows server through SSH (13 min setup required).
On the Windows server, open the Settings and go to Apps.
Go to Optional Features.
Install OpenSSH Server.
Open Computer Management application.
Go into Services and Applications > Services.
Click on OpenSSH Server.
Set Startup type to Automatic and click on Start.
Keep this window open; we will come back to it soon.
Open a terminal as Administrator.
Open the OpenSSH Server config file by running:
notepad "C:\ProgramData\ssh\sshd_config"
Uncomment PubkeyAuthentication.
Uncomment PasswordAuthentication and set it to no.
Comment out the last 2 lines of the file (the Match Group administrators block).
Save and quit the file. If you cannot save, you most likely did not open the terminal as an Administrator: open a new terminal with Administrator rights and redo the configuration changes from this section.
In the Computer Management window, restart the OpenSSH Server.
Go to Users and open the folder associated with the Windows user you want to connect with.
Create a new folder named .ssh.
In this newly created folder, create an empty text file named authorized_keys.
By default, text files are created with a .txt extension, which we need to remove.
Click View in the header bar.
Tick the checkbox File name extensions.
The .txt file extension should now be visible.
Rename the file to remove the file extension. You can safely ignore the warning.
Add the PUBLIC SSH key of the server that you want to grant access to the Windows server we are configuring. The public key is of the form: ssh-<encryption_algorithm> <key>.
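To confirm the server-side steps above took effect before testing the connection, here is a PowerShell audit, added as an example and not part of the original guide. It assumes the account's profile lives under C:\Users and that you run it as Administrator on the Windows server; the variable and function names are illustrative.

```powershell
# Added example (not from the guide): audits the state the steps above produce.
# Run in an Administrator PowerShell on the Windows server.
# Assumption: $User is the Windows account you connect as over SSH.
$User     = $env:USERNAME
$config   = 'C:\ProgramData\ssh\sshd_config'
$keysFile = "C:\Users\$User\.ssh\authorized_keys"

# sshd uses the first value it reads for a keyword. Only the global section
# (everything before the first active Match line) is considered here.
# Returns $null when the keyword is still commented out.
function Get-SshdValue([string[]]$Lines, [string]$Keyword) {
    foreach ($line in $Lines) {
        if ($line -match '^\s*Match\s') { break }
        if ($line -match "^\s*$Keyword\s+(\S+)") { return $Matches[1] }
    }
    return $null
}

$lines = Get-Content -Path $config
$svc   = Get-Service -Name sshd
$keys  = @()
if (Test-Path -LiteralPath $keysFile -PathType Leaf) {
    # Ignore blank lines and comments in authorized_keys.
    $keys = @(Get-Content -LiteralPath $keysFile |
        Where-Object { $_.Trim() -and $_ -notmatch '^\s*#' })
}
# A public key line is "<type> <base64>"; every SSH key blob starts with "AAAA".
# Anything else (for example a pasted private key) is flagged.
$badKeys = @($keys | Where-Object { $_ -notmatch '^(sk-)?(ssh|ecdsa)-\S+\s+AAAA[A-Za-z0-9+/=]+' })

$checks = [ordered]@{
    'sshd service is running'               = $svc.Status -eq 'Running'
    'sshd startup type is Automatic'        = $svc.StartType -eq 'Automatic'
    'PubkeyAuthentication is uncommented'   = (Get-SshdValue $lines 'PubkeyAuthentication') -eq 'yes'
    'PasswordAuthentication is no'          = (Get-SshdValue $lines 'PasswordAuthentication') -eq 'no'
    'Match Group block is commented out'    = -not ($lines -match '^\s*Match\s+Group\s+administrators')
    'authorized_keys has no .txt extension' = -not (Test-Path -LiteralPath "$keysFile.txt")
    'authorized_keys holds public keys'     = ($keys.Count -gt 0) -and ($badKeys.Count -eq 0)
}

$checks.GetEnumerator() | ForEach-Object {
    [pscustomobject]@{ Check = $_.Key; Result = if ($_.Value) { 'OK' } else { 'FIX' } }
} | Format-Table -AutoSize
```

Any row marked FIX points back to the step in this guide that still needs to be completed; restart the OpenSSH Server service after changing sshd_config.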
Try connecting through SSH to the Windows instance we just set up:
where:
-i <path_to_ssh_private_key_of_client>: Specifies the private key file for authentication of the client, not of the Windows machine. The private key file should be readable and writable only by its owner and should be of the form:
ssh_user: The Windows user for which you uploaded the client public key. In the screenshots above it is 'alexis'.
<windows_server_public_ip>: The public IP address of the Windows server.
Permissions 0644 for <path_to_ssh_private_key_of_client> are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored.
-> Only the owner of the file should be able to read and write to it.
Run this: chmod 600 <path_to_ssh_private_key_of_client>
'export' is not recognized as an internal or external command, operable program or batch file.
-> This error comes from your client terminal. Try using the default terminal of the client machine. This error typically happens when using Warp as the terminal.
Permission denied (publickey,keyboard-interactive).
-> You most likely missed one of the above steps of this tutorial, or the public SSH key uploaded to the Windows server does not correspond to the private SSH key of the client.
timeout error
-> The Windows server is not accepting connections from the client IP on the port you are trying to connect to (the default SSH port is 22). Make sure you whitelisted the client IP.
You should now be able to access this Windows server through SSH. If you are blocked or have any questions, feel free to reach out to us at hello@stacksync.com. We're happy to help!