Today, I was tempted to take control of a Windows machine remotely in console mode as I’m trying to script the launch and use of VLC. A quick Google search reveleaed the existence of the sshwindows project which is a more lightweight solution than a full cygwin installation.

Here are the installation steps :

Download and run the sshwindows installer.

As the setup will tell you, some simple commands will be needed to complete the installation. Launch the windows command line tool (windows key -> type cmd -> press enter) and head to the directory in which you installed open ssh.

cd \
cd "Program Files (x86)"
cd OpenSSH

The steps needed to complete the installation are detailed in the docs folder in two files : quickstart.txt will quickly sum up the steps while the readme.txt is a more detailed setup and troubleshooting guide.

Below is a step by step process on what I had to do to get the server running :

# go to the bin directory of the OpenSSH folder
cd bin
# create the default groups
mkgroup -l >> ..\etc\group
#create the default users
mkpasswd -l >> ..\etc\passwd
# Note: for neither of the above commands did I bother with the domain version documented in the quickstart
# Now, if you look in ..\etc\passwd, you will see entries (one per line) for all your Windows users.

# Start the server in debug mode
cd ..\usr\sbin
sshd -d -d -d

According to the quickstart guide, everything should work at this point but that was not the case for me.
I had permission errors with the rsa and das key files

Below is the message I saw :

debug1: sshd version OpenSSH_3.8.1p1
Permissions 0644 for '/etc/ssh_host_rsa_key' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /etc/ssh_host_rsa_key
Could not load host key: /etc/ssh_host_rsa_key
Permissions 0644 for '/etc/ssh_host_dsa_key' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /etc/ssh_host_dsa_key
Could not load host key: /etc/ssh_host_dsa_key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.

I solved that problem by using chown and chmod available in the bin folder to change the persmission on these files. As I found out trying to run chown, I needed a cygintl-2.dll file which I didn’t have on that computer. I ended up copying it from another computer running an up to date install of cygwin. In this up to date version, cygintl-2 was called cygintl-8, I renamed it. If you need to, download cygintl-2.dll and cygwin1.dll and place them in your OpenSSH\bin directory. Note that you will need to replace the existing cygwin1.dll.

cd ..\..\etc
..\bin\chown <username> *
..\bin\chmod 600 *
# ls -lsa to confirm that the permissions were changed
# run the server in debug mode again...
cd ..
usr\sbin\sshd -d -d -d
# If prompted, allow the service to accept incoming connections...

That’s it, at this point, the server starts. You can kill it (CTRL+C) and start it as a Windows service by running

net start opensshd

Time to test our SSH server with a client. On a different computer, run a SSH client (if the other computer is running Windows, you can use putty).

ssh <username>@<ip_windows_machine>
# You will be prompted to accept the authenticity of host, type yes
# You will be prompted for a password
# Enter your windows password

At this point, it worked for me ! Now I can connect to a Windows 7 using SSH and that makes Windows a lot cooler ! Thanks to the developer, Michael Johnson.

Going further, the public key authentication

Since my goal, with all this, was to script the use of VLC from a Unix machine on the Windows one, I could use the public key authentication to bypass the interactive authentication.

The SSH public key authentication system is based on the private and public keys which are expected in the user’s home folder (in a folder called .ssh). So the first step will be to define the user’s home folder on windows.

Since I’m not using cygwin but open ssh for windows, it’s only the declaration of the home folder in openssh that I care for. I edited the file in c:\Program Files (x86)\OpenSSH\etc\passwd and changed the value before last (each value is separated by a ;). I changed the home folder for my user to /cygdrive/c/Users/<username>. Now I can go in my c:\Users\<username> folder and create a folder called .ssh. I recommend creating this folder using the command window as I don’t think it is possible with the graphical interface.

cd c:\Users\<username>
mkdir .ssh

At this point, you need a public key which you should generate with the command

ssh-keygen -t rsa

Now, the idea is to place my user’s public key in this folder in a file called authorized_keys. Since I’ve already setup my public key, I simply add to place it in that folder and do :

cd c:\Users\<username>
cp authorized_keys
# The public key authentication will not work if the permissions are not set right on this file so
"c:\Program Files (x86)\OpenSSH\bin\chown.exe" -R <username> .
"c:\Program Files (x86)\OpenSSH\bin\chmod.exe" -R 700 .ssh
"c:\Program Files (x86)\OpenSSH\bin\chmod.exe" 600 authorized_keys

Edit your ssh server configuration file and make sure the Public Key authorization is not commented (it was okay for me by default)

From your client computer, connect again using ssh <username>@<windows_ip> and you shouldn’t be prompted for a password anymore.

Now, I can simply launch commands on the windows machine by doing

ssh <username>@<ip_windows> <cmd>

Finally, moving on with my project which I’ll describe in this blog upon completion. ’till then, hope this tip helps

Filed under: Computing, Terminal, Windows

Tagged with: , , , , , ,

Liked this page?

Tweet it

Subscribe to the RSS feed or sign up for the newsletter now.

Posts related to Installing OpenSSH on Windows 7

67 Comments to "Installing OpenSSH on Windows 7"

  1. Comment by Alex on June 10, 2011 at 8:50 am Reply

    Thanks a lot.
    Chmod on windows is new for me 🙂

    • Comment by shalfon on June 10, 2011 at 9:56 am Reply

      Chmod is only available because it is included in either cygwin or windowsssh.
      Glad you liked the post.

  2. Comment by on August 24, 2011 at 9:54 am Reply

    Very detailed explanation, Thank you! For me, it is the first time I hear this possibility with windows 7.

  3. Comment by jb on September 15, 2011 at 12:22 am Reply

    Thanks, this guide helped me with the Windows 7 permissions issues. I downloaded cygintl-2 from the current cygwin install but it didn’t work. It stopped thrwoing the “You need cygintl-2.dll” error message when running ls, chown and chmod but the commands didn’t actually do anything. Replacing my .dlls with yours fixed it.

  4. […] Install openssh server on windows A list of ssh client on windows This entry was posted in Computer Tips and tagged mingw, ssh, ssh client by admin. Bookmark the permalink. […]

  5. Comment by haris on December 10, 2011 at 3:15 am Reply


    Good explanation. It works for me, but i have a questions.

    1. I followed your steps to generate the public key but i am seeing file in \Users\\.ssh

    2. cp command failed – cp authorized_keys

    Please advice.

    Thank you in Advance.

    • Comment by shalfon on December 11, 2011 at 11:40 pm Reply

      If you don’t have any unix tools such as cp installed, try using copy instead of cp. Good luck with your setup

  6. Comment by simple on December 13, 2011 at 9:58 pm Reply

    follow guide step by step was able to log on in debug mode but when i tried
    net start opensshd
    got error 5 access denied
    please advice
    thanks in advance

    • Comment by flyaway on May 5, 2012 at 6:31 am Reply

      I had the same problems.
      Please help

      • Comment by flyaway on May 5, 2012 at 6:56 am

        I solved this problem by start the CMD as administrator or start the service directly in services.msc

      • Comment by shalfon on May 5, 2012 at 8:57 am

        Thanks for posting the solution here !

  7. Comment by Anonymous on January 5, 2012 at 4:01 am Reply

    Is there a way to install ssh-keygen and openssh on windows 7 that someone maintains? openssh on windows seems un-maintained for windows.

  8. Comment by martixy on January 6, 2012 at 11:06 pm Reply

    Thank so very much! This is one solution that worked perfectly for me!

  9. Comment by Shugo on January 24, 2012 at 10:50 pm Reply

    Most of it worked for me, but when i got to the part about testing it from a 2nd pc with username@ip_of_pc i accept the connection then i type my windows password it does not accept it. Any ideas why?

    • Comment by mrmath on February 26, 2012 at 8:26 pm Reply

      I get the same exact error as Shugo.

      username@ipaddress gives the following error:
      User Sandy not allowed because shell /bin/switch is not executable
      input_userauth_request: illegal user sandy

      I’m assuming there is a permission error of some kind? thanks.

      • Comment by Symos on February 4, 2013 at 8:58 pm

        To fix the login\password issue I changed the 600 value to 700 in the chmod command and it worked. No more “not allowed because shell /bin/switch is not executable” in debug (sshd -d -d -d)

        ..\bin\chown *
        ..\bin\chmod 700 *

  10. Comment by Marcelo on April 4, 2012 at 4:29 am Reply

    I´m having the same problem as Shugo, the windows password is not working.
    Could you help us?

  11. Comment by Bird on April 6, 2012 at 6:10 pm Reply

    This guide was perfect

  12. Comment by Ionut on May 27, 2012 at 12:01 pm Reply

    thanks. rlly usefull.

  13. Comment by bl!nd on June 1, 2012 at 9:04 pm Reply

    You are a god among men.

    No for real.

    Seriously, fucking fantastic guide.

  14. Comment by Mukesh on June 19, 2012 at 2:02 pm Reply

    C:\Program Files (x86)\OpenSSH\usr\sbin\net start opensshd
    The OpenSSH Server service is starting.
    The OpenSSH Server service could not be started.

    A system error has occurred.

    System error 1067 has occurred.

    The process terminated unexpectedly.

    • Comment by Mukesh on June 19, 2012 at 2:03 pm Reply

      Any Solution for this error?

      Thanks in advance

  15. Comment by Wade on June 19, 2012 at 7:04 pm Reply

    this guide is great so far, but I keep getting stuck at the part where you type “..\bin\chown *”
    Is the username my Windows username? Or do I somehow have to register an OpenSSH account?

    • Comment by Noah1786 on November 4, 2012 at 2:12 pm Reply

      Leave your windows username…i had something similar happen but i typed Admin or Administrator (case sensitive) and that did it.

      Hope this helps!

  16. Comment by m on July 10, 2012 at 9:55 am Reply

    Hey this is great! works perfectly!! Thanks for great post!

  17. Comment by Moltar on July 16, 2012 at 4:03 pm Reply

    Awesome, thanks for the help!

  18. Comment by Munish on July 18, 2012 at 4:03 pm Reply

    Thanks a lot….I had the same problem on Windows 2008 server…and it worked like a charm…

  19. Comment by qpassa on August 3, 2012 at 11:03 am Reply

    Thanks a lot.

    But I have a problem with the publickey authentication. I’ve generated the on my client. I’ve copied the to the server and moved this file to /.ssh/authorized_keys. I’ve changed the permissions of files and folders. I’ve configured the sshd_config to:
    StrictModes no
    RSAAuthentication no
    PubkeyAuthentication yes
    AuthorizedKeysFile .ssh/authorized_keys

    But I can’t login on server. I receive the following messages:

    debug3: channel 0: status: The following connections are open:
    #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cfd -1)

    debug3: channel 0: close_fds r -1 w -1 e 6 c -1
    Connection to closed.
    debug1: Transferred: stdin 0, stdout 0, stderr 37 bytes in 4.7 seconds
    debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 7.8
    debug1: Exit status 255

    Last login: Fri Aug 3 11:57:39 2012 from
    Connection to closed.

    Any ideas why?

    Thank you very much!!!

  20. Comment by Silly Observant Guy on August 3, 2012 at 11:20 pm Reply

    What are you doing writing blog posts at 5:30 in the morning? Or was your computer clock off when you took those screenshots? :V

  21. Comment by shalfon on August 4, 2012 at 8:27 am Reply

    Peter emailed me with a question about Open SSH and I share it here as someone else might have the solution :
    “I recently followed your guide on how to set up a ssh server using OpenSSH (, and I got it working. However i ran into a bit of a snag: If i wanted to transfer files using a DD command, where would these files be stored? I´m planning on dumping my entire iPhone disk image onto my computer, but I´m not that tech-savvy and using SSH is somewhat confusing to me. I tried to follow another guide that would let you do this (which you can find here), but as i started to transfer the disk image, i realized that i had no idea where this file were being stored. If you could help me with my problem i would very much appreciate it. — Peter”

  22. Comment by shalfon on August 4, 2012 at 10:15 am Reply

    Mukesh also emailed me with a question on this matter :
    “Your guide to install openssh on windows 7 helped me a lot, it gave me a detailed explanation, thank you so much. Now I have one small issue, I have installed Opennssh on my windows 7 machine, when I try to run it in debug mode using this command “sshd –ddd” it’s working fine, Problem is when I try to run it as a sshd service using this command “net start sshd” it’s running but it’s not at all responding to the client requests like when I run it in debug mode. Please suggest me the solution for this. –Mukkesh”
    I hope he can find the solution in this thread.

    • Comment by Ed on January 2, 2013 at 9:04 pm Reply

      I have the exact same problem.

      verbose logging from ssh client gives one of two issues:

      Received disconnect from 2: fork failed: Resource temporarily unavailable


      ssh_exchange_identification: Connection closed by remote host

      I’ve seen some suggestions about doing a rebaseall but it seems to only pertain to the dll’s in the cygwin folders.

  23. Comment by Hovhannes on August 22, 2012 at 4:53 am Reply

    Hi so I installed OpenSSH for Windows and there are no readme.txt or quickstart.txt files. what do i do…

  24. Comment by Eric O on September 6, 2012 at 7:51 pm Reply

    Same as Hovhannes above – I followed your link to SourceForge and downloaded the installer, which is now different than the picture you have above. Installer (msi file) was red and there were no readme.txt or quickstart.txt files. However, when I clicked on the setupssh.exe file that was now in the zip file, I am finally getting the pictures you are showing above – the yellow install wizard and am getting the message about editing the passwd file – which did not come up with the red installer. I will continue and see if your instructions now work.

  25. Comment by Eric O on September 6, 2012 at 8:41 pm Reply

    I’ve gotten as far as the “Start the server in debug mode”, but when I put in

    sshd -d -d -d

    I get “The program can’t start because cygcrypto-0.9.7.dll is missing from your computer. Try reinstalling the program to fix this problem.” I could see very clearly that the mentioned file was in my Program Files (x86)\OpenSSH\bin directory, but I reinstalled it anyway. And cygcrypto-0.9.7.dll is once again in that same location, but I’m still getting the same message. That dll is from 2004. Is there a newer version of said file I may need?

    Thank you

  26. Comment by Eric O on September 6, 2012 at 9:12 pm Reply

    I did a complete uninstall and ran the setup.exe once again, this time without seeing the msi installer file that popped up the very first time. Am getting much further now. Will let you know how it proceeds.

    Thank you

  27. Comment by Eric O on September 6, 2012 at 9:37 pm Reply

    FINISHED! The uninstall/reinstall seemed to do the trick. Only other issue I ran into was having to turn off the Firewall in Windows 7 for private networks, but THANK YOU! Now I just need to install it on another machine and see if I can start using SSH between the two!

    • Comment by shalfon on September 6, 2012 at 9:40 pm Reply

      Hi Eric,
      True, I should have mentioned the possible problem of the Firewall though Windows might/should prompt you to accept the incoming connection ! Thanks for pointing this out in the comments here as it might help others.
      Enjoy the power of remote SSH control of your machine ! I hope the second computer setup goes well.

      • Comment by Aron Curzon on November 16, 2012 at 9:49 am

        How to create a Firewall exception for OpenSSH instead of disabling the firewall completely:

        Windows Firewall and Advanced Security
        Inbound Rules
        New Rule…
        Rule Type: Port
        Does this rule apply to TCP or UDP: TCP
        Specific local ports: 22
        What action …? Allow Connection
        When does this rule apply? Domain, Private, Public
        Name: Accept connections on port 22 for OpenSSH

  28. Comment by Eric O on September 10, 2012 at 2:16 pm Reply

    Running into a strange issue. I have installed the Open SSH on both of the Windows 7 boxes I have. If I try to ssh into one from the other, it logs me in administrator, but as soon as I put in the administrator password, it just goes right back to the c:\ prompt/command line. And even more strange – if the other box I am trying to ssh to has gone to the screensaver (just a blank screen), it never connects. It tries and tries and finally comes back that the connection has timed out. Yet, if I try to connect to one of our remote sites that are all currently Windows XP boxes, I can ssh and log into them as administrator without any problems.


  29. Comment by Eric O on September 10, 2012 at 4:59 pm Reply

    PS – problem is not just between the Windows 7 box. I tried to ssh into one of the Windows 7 boxes from a Windows XP box and as soon as I put in the password, I get “Connection closed by remote host.” So something is not set correctly with the Windows 7 box (or maybe again has to do with the Firewall?).

  30. Comment by Don Moody on September 10, 2012 at 8:30 pm Reply

    Thank you for the nice tutorial.

    Have you got any tips or pointers for getting an ssh-agent running?

  31. Comment by hlm on September 21, 2012 at 8:13 am Reply

    Hi, If I am trying to login using a public and private key set up..and I am logging into my windows machine from my mac, do i run ssh-keygen or the mac or the windows machine? and if on the windows machine, do I put the file into my mac and rename it authorized_keys with no extnesion in my ~/.ssh folder?

  32. Comment by Jose Trigueros on October 24, 2012 at 9:45 am Reply

    This totally worked, I was trying to get Tortoise Hg to use OpenSSH and it was having issues reading the id_rsa because of the permissions even though I had changed it with a different chmod.exe ( installed it with Git Extensions ). After following your recommendations, worked like a charm!

    All you have to make sure you do is add the following line to your mercurial.ini
    ssh = “ssh”

    Assuming that you have ssh in the path, putting the entire path caused it to hang for me.

  33. Comment by Mukesh on November 15, 2012 at 5:03 am Reply

    Is there any feasibility to check the sshd -ddd (debug mode) is running or not?
    Not by typing in command prompt directly shhd -ddd what I mean is there any way to check it programmatically and if it is not listening then we have to throw the command sshd -ddd to make it listen.

  34. Comment by Peter Fastovsky on December 17, 2012 at 8:52 pm Reply

    I am having an issue using the authorized_keys. If I start the server with sshd -d -d -d and test using the key files, my login works without the password. If I then stop the sshd process and start the service, I can no longer connect and the log in /var/log shows a “Status_Access Violation”.

    Any help would be appreciated.

    • Comment by Peter Fastovsky on December 18, 2012 at 2:34 pm Reply

      to answer my own question (or anybody else), make sure the Windows Openssh service is running as the user that you permissioned with the 600 access in the etc directory. By default the service will run as Local User and the permissioning above denies access to that.

  35. Comment by Lucas Oliveira on December 31, 2012 at 5:53 pm Reply

    Thx!! You really help me!!

  36. Comment by Eric O on January 23, 2013 at 3:25 am Reply

    Have used your instructions to install SSH on several Windows 7 PCs. Working fine now. Ran into a problem with a new PC when I get to the 2nd to last command – right after I’ve run the chown and chmod changes. When I then put in usr\sbin\sshd -d -d -d, the system runs several debug lines and then stops completely at:

    “Server listening on port 22.”

    I tried an uninstall and ran it again, but it’s stopping in the same place. Any ideas/suggestions?

    Thank you

    • Comment by Eric O on January 23, 2013 at 4:59 pm Reply

      Interestingly, I have found that SSH is working on said PC – even though it never went beyond that message so I could run the final “net start opensshd” command. Any ideas here?

      • Comment by Eric O on January 23, 2013 at 5:20 pm

        Sorry – I take that back. I can SSH out from either of these PCs where it stopped at previously mentioned point, but I cannot SSH into either of those PCs from which my previous SSH install worked. I get this message when I try to SSH to them:

        ssh: connect to host port 22: Connection refused

        Not sure why the install is failing – especially since it worked previously on one of the PCs.

  37. Comment by Eric O on January 23, 2013 at 5:59 pm Reply

    PROBLEM SOLVED – sorry for all the posts, but I’d missed the

    “That’s it, at this point, the server starts. You can kill it (CTRL+C) and start it as a Windows service by running…”

    in your instructions. Must pay attention to the little details!

  38. Comment by Neel on January 25, 2013 at 4:42 am Reply

    Anyone tried this in 64bit machine? sshd just crashes when ran.

    • Comment by Ed on February 12, 2014 at 8:30 pm Reply

      yep I have it running on a Win 7 x64….it’s not the best but it works most of the time

  39. Comment by tom on February 8, 2013 at 2:58 am Reply

    thanks for the explanation, i would change one thing that stopped me:

    instead of ” Launch the windows command line tool ”

    Launch the windows command line tool (As administrator)

    because the
    ..\bin\chown Administrator *
    net start opensshd

    won’t work in a normal stock standard install of windows 7

  40. Comment by Claus on February 21, 2013 at 1:01 pm Reply

    Phantastic how-to. Saved my day. Thanks a lot!

  41. Comment by Ivan on March 6, 2013 at 1:26 am Reply

    Hello, this is a GOOD article thanks to You.
    I have try it and run sshd -d-d-d eeverything fine, but when I try to connect from other PC using Putty, they ask username and Password, BUT they keep telling access denied as if wrong password. I used the same username that I make from mkpasswd (domain username), I can login to those PC win7 using those username+password. and I try connect putty to my AccessPoint everything normal.
    Any help ? Thnaks

  42. Comment by Twister on March 15, 2013 at 2:29 pm Reply

    Was of great help. Thanks a lot!

  43. Comment by tom on March 31, 2013 at 9:05 am Reply

    For all those that are having problems with login with Permission denied, please try again.
    open a command prompt and cd to your openssh\bin and run
    ..\usr\sbin\sshd -d -d -d
    try to log in and look at the debugging information if you see this line
    “User not allowed because shell /bin/switch is not executable”
    cancel with control-c
    In the same command prompt window enter the command
    chmon +x switch.exe

  44. Comment by Francisco Rocha on March 31, 2013 at 10:57 am Reply

    Muito obrigado !
    Muchas gracias !
    Thanks !
    Mercy !
    You save my day with this post 🙂

  45. Comment by Fahmida on May 9, 2013 at 11:27 am Reply

    I am still getting ‘Login with Permission denied, please try again.’ I closely checked the debug information but didnot get ““User not allowed because shell /bin/switch is not executable””. Even then I run the command “chmod +x switch.exe” (chmon is not recognized as a command on my pc). But did get my problem solved. Please please help…

  46. Comment by sandeep on June 13, 2013 at 8:34 am Reply

    Can i install openssh silently and by pass the prompt while installing

  47. Comment by Hugh Perkins on July 24, 2013 at 5:29 pm Reply

    To get the pubkey authentication to work on Windows Server 2012, I had to change the path in etc/passwd to:


    (or whichever user you prefer…)

    Note that ‘Users’ absolutely must have a capital ‘U’, or else the server will give some weird error and die.

  48. Comment by Ed on February 12, 2014 at 8:34 pm Reply

    I have this running on Win 7 x86 but I get many connections refused and many failed to fork messages from sshd.

    Sometimes I get in on the first try and other times it takes many tries.

    Anyone have a solution for this?

    • Comment by Ed on February 12, 2014 at 8:35 pm Reply

      I meant x64 …the app itself installs in “program files (x86)”

  49. Comment by Alexis on July 3, 2014 at 8:25 pm Reply

    C:\OpenSSH\Bin\chmod +x *.* fixed my pemissions denied issue.

Name (required)

Email (required)


Leave a Reply to Don Moody

  • About Me

    photo of Samantha Halfon Samantha Halfon
    Software Engineer
    blueKiwi software
    Paris, France
    I enjoy playing with my computer(s), listening to Bob Dylan (and related artists) and watching movies (especially if they were directed by Martin Scorsese or John Cassavetes). Sometimes, I play a little guitar... If not doing any of the above, I am either riding a small red bike around Paris, or, making videos. About my videomaking please check out World Wide Angle and its blog.