Configure SSH server on Windows

NOTE: Windows now has OpenSSH built-in. Cygwin isn’t necessary for Windows SSH servers any more.

The robust OpenSSH server on Cygwin allows SSHing into a Windows PC for secure port forwarding Windows RDP. Use Public Key Authentication – it’s far stronger than any human usable keyboard password.

From Windows Command Prompt:

setup-x86_64 -P openssh

Cygwin SSH server setup: start Cygwin64 using “Run as Administrator” and type

  • Privilege separation: yes
  • strict modes: yes
  • sshd as service: yes
  • value of CYGWIN for daemon: (just press Enter key, don’t type anything)
  • use a different name: no

The Cygwin SSH server starts itself on reboot of Windows, but if you need to start it manually (e.g. for the first time upon installing)

cygrunsrv -S sshd

Test the SSH server:

  • login to your Windows Cygwin SSH server from another PC.
  • Under services.msc you should see the Status “started” for service “CYGWIN sshd”, and under the General tab the “path to executable” should be something like c:\cygwin64\bin\cygrunsrv.exe

Configure Cygwin SSH server in /etc/sshd_config. To make changes take effect:

cygrunsrv -E sshd
cygrunsrv -S sshd

Disable Cygwin Windows SSH server with Cygwin “Run As Administrator”:

cygrunsrv -E sshd

cygrunsrv -R sshd

Reboot and verify that you cannot connect to your former SSH server. CYGWIN sshd should not be in services.msc anymore.

If you get

system error 1069 has occurred. The service did not start due to a logon failure

check the password on your “privileged server” cyg_server – maybe you typed it wrong.