Configure SSH server on Windows
NOTE: Windows 10 ≥ 1809 has OpenSSH built-in. Cygwin isn’t necessary for Windows SSH servers any more.
The robust OpenSSH server on Cygwin allows SSHing into a Windows PC for secure port forwarding Windows RDP. Use Public Key Authentication – it’s far stronger than any human usable keyboard password.
Setup
From Windows Command Prompt:
setup-x86_64 -P openssh
Cygwin SSH server setup: start Cygwin64 using “Run as Administrator” and type
ssh-host-config
- Privilege separation: yes
- strict modes: yes
- sshd as service: yes
- value of CYGWIN for daemon: (just press Enter key, don’t type anything)
- use a different name: no
Start
The Cygwin SSH server starts itself on reboot of Windows, but if you need to start it manually (e.g. for the first time upon installing)
cygrunsrv -S sshd
Test
- login to your Windows Cygwin SSH server from another PC.
- Under services.msc you should see the Status “started” for service “CYGWIN sshd”, and under the General tab the “path to executable” should be something like
c:\cygwin64\bin\cygrunsrv.exe
Configure
Cygwin SSH server config is in /etc/sshd_config
. To make changes take effect, type
cygrunsrv -E sshd
cygrunsrv -S sshd
Remove Cygwin SSH server
Disable Cygwin Windows SSH server with Cygwin “Run As Administrator”:
cygrunsrv -E sshd
cygrunsrv -R sshd
Reboot and verify that you cannot connect to your former SSH server.
CYGWIN sshd
should not be in services.msc anymore.
Notes
If you get
system error 1069 has occurred. The service did not start due to a logon failure
check the password on your “privileged server” cyg_server – maybe you typed it wrong.