### List the OpenSSH capabilities known to this machine (run in an elevated PowerShell on the server)
Get-WindowsCapability -Online | Where-Object { $_.Name -like 'OpenSSH*' }
### Install the OpenSSH server capability
Add-WindowsCapability -Online -Name 'OpenSSH.Server~~~~0.0.1.0'
### Have the sshd service start automatically
Set-Service -Name sshd -StartupType Automatic
### Start the service now
Start-Service -Name sshd
### Allow inbound TCP/22 for sshd unless a rule with this name already exists.
### The check is by rule name only; it does not confirm that an existing rule is enabled.
### NOTE(review): the rule is created without -RemoteAddress or -Profile, so it is not
### limited to particular source addresses or network profiles; scope it where you can.
if (Get-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -ErrorAction SilentlyContinue) {
    Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
} else {
    Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
    $sshRule = @{
        Name        = 'OpenSSH-Server-In-TCP'
        DisplayName = 'OpenSSH Server (sshd)'
        Enabled     = 'True'
        Direction   = 'Inbound'
        Protocol    = 'TCP'
        Action      = 'Allow'
        LocalPort   = 22
    }
    New-NetFirewallRule @sshRule
}
### [optional] Make Windows PowerShell the shell that sshd starts for SSH sessions.
### The value lives under HKLM, so it is machine-wide and applies to every account that logs in over SSH.
$defaultShell = @{
    Path         = 'HKLM:\SOFTWARE\OpenSSH'
    Name         = 'DefaultShell'
    Value        = 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe'
    PropertyType = 'String'
    Force        = $true
}
New-ItemProperty @defaultShell
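### The remaining commands run in PowerShell on the client, not on the server.
### Make sure C:\ProgramData\ssh exists on the server. The key below is stored in
### administrators_authorized_keys in that directory (by default the file sshd reads for
### members of the Administrators group), not in a .ssh folder under the user's profile.
ssh user1@example.com mkdir C:\ProgramData\ssh\
### Copy the public key generated previously on the client to administrators_authorized_keys on the server.
### scp replaces the destination file, so any keys already listed there are lost;
### append the key instead if other administrators already have keys in that file.
scp ~/.ssh/id_ed25519.pub user1@example.com:C:\ProgramData\ssh\administrators_authorized_keys
### Restrict the file to the Administrators group and SYSTEM: /inheritance:r drops inherited
### ACEs, then full control is granted by well-known SID (S-1-5-32-544 = BUILTIN\Administrators,
### S-1-5-18 = Local System). SIDs are used because account names are localized, and a name that
### does not resolve on the server makes icacls fail and leaves the ACL unrestricted.
### --% stops PowerShell from parsing the rest of the line, so the quotes reach ssh unchanged.
ssh --% user1@example.com icacls.exe "C:\ProgramData\ssh\administrators_authorized_keys" /inheritance:r /grant "*S-1-5-32-544:F" /grant "*S-1-5-18:F"
### Log in. Once key-based login is confirmed to work, consider setting
### "PasswordAuthentication no" in the server's sshd_config and restarting sshd.
ssh user1@example.com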