SETUP (SFTP) Open SSH Server on Windows

Requirements

Windows Server 2019 or Windows 10 version 1809+

Install OpenSSH

Press the Win + I keys to open the settings. Navigate to Apps -> Apps and Features -> Optional Features.

O the Installed features search for "OpenSSH" you will have the option to install the OpenSSH client or OpenSSH server.

Configuring the SSH Server

Press Win + R and type powershell; Run powershell as administrator, the following commands is responsible for having minimum consistency in the SSHD service:

To start the SSHD service automatically, use the command:

Set-Service -Name sshd -StartupType 'Automatic'

To setup the SFTP firewall port 22 Inbound, use the command:

New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22

SSH (RSA) Key Generation

Two keys will ne generated for the client(private) and server(public).

Run powershell as administrator, to generate a pair of RSA 2048 keys use the command:

ssh-keygen

Select a key file location and enter the password for the new private key. The password will be required for SSH authentication.

The keys will be created in the specified directory:

• id_rsa(private key)[client]
• id_rsa.pub(public key)[server]

SSH-Agent Service

The ssh-agent is a key manager for SSH. It holds your keys and certificates in memory, unencrypted, and ready for use by ssh.

Run powershell as administrator, to startup the ssh-agent service use the command:

Set-Service -Name ssh-agent -StartupType 'Automatic'
Start-Service ssh-agent

Run powershell as administrator, to include the private key to the ssh-agent database:

ssh-add "{path}\.ssh\id_rsa"

Check available ports for SFTP

Run powershell as administrator, use the command:

netstat -na | Select-String "22"

Uninstall the SSH Server

Run powershell as administrator, use the command:

Stop-Service sshd

Remove-NetFirewallRule -DisplayName "OpenSSH Server (sshd)"

Stop-Service ssh-agent