NOTE: Windows 10 ≥ 1809 has OpenSSH built-in. Cygwin isn’t necessary for Windows SSH servers any more.

The robust OpenSSH server on Cygwin allows SSHing into a Windows PC for secure port forwarding Windows RDP. Use Public Key Authentication – it’s far stronger than any human usable keyboard password.

Setup

From Windows Command Prompt:

setup-x86_64 -P openssh

Cygwin SSH server setup: start Cygwin64 using “Run as Administrator” and type

ssh-host-config

• Privilege separation: yes
• strict modes: yes
• sshd as service: yes
• value of CYGWIN for daemon: (just press Enter key, don’t type anything)
• use a different name: no

Start

The Cygwin SSH server starts itself on reboot of Windows, but if you need to start it manually (e.g. for the first time upon installing)

cygrunsrv -S sshd

Test

• login to your Windows Cygwin SSH server from another PC.
• Under services.msc you should see the Status “started” for service “CYGWIN sshd”, and under the General tab the “path to executable” should be something like c:\cygwin64\bin\cygrunsrv.exe

Configure

Cygwin SSH server config is in /etc/sshd_config. To make changes take effect, type

cygrunsrv -E sshd
cygrunsrv -S sshd

Remove Cygwin SSH server

Disable Cygwin Windows SSH server with Cygwin “Run As Administrator”:

cygrunsrv -E sshd

cygrunsrv -R sshd

Reboot and verify that you cannot connect to your former SSH server. CYGWIN sshd should not be in services.msc anymore.

Notes

If you get

system error 1069 has occurred. The service did not start due to a logon failure

check the password on your “privileged server” cyg_server – maybe you typed it wrong.

Related

• Linux to Windows SSH / RDP
• Windows to Windows SSH / RDP