In this tutorial, you will learn how to enable SSH on Windows Subsystem for Linux (WSL) and have the SSH server start automatically at boot.

Prerequisite:

  • Windows 10 version 1703 (Creators Update) or higher
  • Windows Subsystem for Linux Enabled
  • This Tutorial use the Ubuntu distro

Level of Difficulty: Beginner

Estimate Time to Complete Tutorial: 5 – 10 mins

Install SSH

To get the ssh server working properly, you must uninstall and then reinstall it using the following command:

  1. sudo apt remove openssh-server
  2. sudo apt install openssh-server

Edit the sshd_config

  1. Edit the sshd_config file by running the command sudo vi /etc/ssh/sshd_config
  2. In the sshd_config file:
    1. Change PasswordAuthentication to yes
    2. Add your login user to the bottom of the file by using this command: AllowUsers yourusername. Don’t forget to replace “yourusername” with your actually username.
    3. do CTRL+X to save and exit

Start or restart the SSH service

  • Check the status of the ssh service:service ssh status
  • If you see:  * sshd is not running
    • Then run this command: sudo service ssh start
  • If you see: * sshd is running
    • Then run this command: sudo service ssh --full-restart

Allow SSH service to start without password

  1. run the command sudo visudo
  2. add the following line %sudo ALL=NOPASSWD: /usr/sbin/sshd after %sudo  ALL=(ALL:ALL) ALL

You can test that you don’t need a sudo password when you start ssh by running sudo service ssh --full-restart (if ssh is already running) or sudo service ssh start(if ssh is not running)

Add a Windows Task Scheduler to automatically start ssh server

  1. Open Windows Task Scheduler
    1. Open Windows Task Scheduler
  2. Create a Basic Task
  3. In the Basic Task Window:
    1. Under Create Basic Task 
      1. Name : Start Bash SSH Server
      2. Description: Start the WSL SSh Serer via a bash command
      3. Click Next to continue
    2. Under Trigger
      1.  
      2. under When do you want the task to start?  select When the Computer Starts
      3. Click Next to continue
    3. Under Action
      1.  
      2. Select Start a Program
      3. Under Program/script: %windir%\System32\bash.exe
      4. Under Add arguments (optional): -c "sudo /etc/init.d/ssh start"
      5. Click Next to continue
    4. Under Finish
      1. Make sure all the settings are correct and click Finish to create the Task

Test that your Task scheduler is working by:

  1. Stopping the ssh server in a bash window (if it is already running) by running this command: sudo service ssh start. Make sure that the ssh server has stopped by running this command: service ssh status
    1. You should see: * sshd is not running
  2. Run your Task from the Task scheduler
  3. In your bash window run the command: service ssh status
    1. You should see : * sshd is running

Enable Port 22 in Windows Firewall

  1. Open Windows Firewall Advance Settings
  2. Click on New Rule… under Inbound Rules to create a new firewall rule
  3. Under Rule Type select Port
    1. Click Next to Continue
  4. Under Protocol and Ports select Specific local Ports and enter 22
    1. Click Next to Continue
  5. Under Action select Allow the connection
    1. Click Next to Continue
  6. Under Profile make sure to only select Domain and Private
    1. Warning: do not select Public unless you absolutely require a direct connection form the outside world. This is not recommend especially for portable device (Laptop, Tablets) that connect to random Wi-fi hotspots.
    2. Click Next to Continue
  7. Under Name
    1. Name: SSH Server
    2. Description: SSH Server
    3. Click Finish

Test SSH Remote Connection

Validate that you can connect to your ssh server by attempting to connect from a remote machine via PowerShell.

Run the command: ssh username@machinename  (if you dont have a netbios enabled router, you should use ip address instead of the machine name) to login.

 

Conclusion

You should now have SSH enabled as a service that automatically starts on boot on your Windows Subsystem for Linux (WSL)