Installation of Secure Shell Server on Windows using Cygwin

In this tutorial you will learn how to install a Secure Shell Server (also known as sshd or Secure Shell Daemon) on a Windows system using the open ssh package and with the Cygwin utilities. You will quickly learn how to use the secure shell client to connect to a system running sshd and start a shell. The shell is the equivalant of the Windows command prompt (cmd.exe) for your information if you were unaware. This shell is what you will be interacting with on the system running shod.


SSH is a suite of client/server based tools used for encrypted communication between two systems. There are several tools included in the suite of SSH tools. The two we are going to use in this tutorial are the following:

                 1. sshd – The secure shell server software.

                 2. ssh – The secure shell client software, used to connect to the server.

                Why would you want to do this? For telnet these tools were built as a secure replacement. You need to switch to SSH now if you still use telnet. In plain text Telnet sends information across the network, including your username and password! Anyone able to sniff your network traffic can see this information and then log in as you. If you aren’t familiar with Cygwin, it is an awesome suite of tools that make many Linux utilities available in the Windows environment. This will allow you to run a BASH shell in your Windows environment! Cygwin is one way to get started learning some of the basic tools provided with Linux only if you aren’t familiar with Linux. After some days I’ll write a post about why these tools are so awesome and why everyone stuck developing on a Windows system should install them.

                A quick word about security after you install sshd. When you connect to the system running sshd, until you learn how to configure keys you will have to supply a username and password. The username and password that you will supply needs to be correspondent with a Windows user account on the system running sshd. That means you should always make sure every user account on the sshd system has a strong password.

               
                When you install sshd, unless you lock it down through a firewall of some sort (which you should) till then you are making port 22 available for connections by anyone. Here I am repeating myself, make sure every user account on the system has a strong password! The standard SSH port number is Port 22. There are botnets running on the internet that may find your machine with port 22 open. On port 22 the bots will assume sshd is running, so don’t have to be surprised if you look at logs and see failed login attempts with simple username/password combinations of root/blank, Administrator/blank, etc… If you have strong passwords then the login attempts are nothing to be alarmed about. The unix equivalent of the Windows Administrator account is Root.

Installing Cygwin and openssh applications

  1. From the Cygwin website first we need to download setup.exe.


2. Then run the setup.exe which you just downloaded.

3. Click next


 

4. Select ‘Install from


 

5. Here select the root directory of the installation and who is allowed to use it.   (c:\cygwin and ‘All Users’ should be fine)


 

6. Select the ‘Local Package Directory’. During the installation process this location will be used to store downloaded information.



7.Select your internet connect type. If you don’t use a proxy, select ‘Direct Connection’.

 

8. Just pick one after choosing a download site.



 

9. Select the openssh package for installation.

  • The installer will automatically search for matches in the search field, you should enter in ‘ssh’.
  • ‘Net’ menu must be expanded.
  • On the word ‘Skip’ in the open ssh package row click only once. This will cycle it to the next option, the current version would be displayed. At the time of writing (5/13/2013) that version is 6.2p1-2
  • Here you should note that this is only installing the openssh binary package. It is not setting up the Secure Shell Server for you. That comes later.


 

10. Select next option after the installer that shows you a list of openssh dependencies (things it uses).



11. Let the installer do its work… Half hour long installs have been experienced by some people. If you do, try selecting a different download site.


 

12. Cygwin set up is complete. Click finish.
 

 

Setting up Secure Shell Server (sshd)

1.Start your Cygwin Terminal as an Administrator. To set up the sshd you must run the terminal with administrative access. You should also start a Cygwin terminal with administrative access:

  • In the start menu find the Cygwin Terminal icon.
  • Then right click the ‘Cygwin Terminal’ icon and select ‘Run as Administrator’.


2.The Cygwin installer must put a script on your system that performs the sshd set up for you. The script exists here: /usr/bin/ssh-host-config

  • At the prompt, you will enter in ‘ssh-host-config’ without the single quotes, and press enter.


3. Here you will now either see a warning about not having administrative privileges because you didn’t run the terminal as an Administrator, or either the script will start generating keys and begin asking you questions. If you see warnings about privileges then you need to close the terminal and run it again with administrative privileges see above steps to follow.

4.Here you will be asked the answers by the script, along with it the response you should supply in bold

Query: Should privilege separation be used? (yes/no) yes

Query: For new local account ‘sshd’? (yes/no) yes

Query: Do you like to install sshd as a server?

Query: Only say “no” if it is already installed as a service (yes/no) yes

Query: Here enter the value of CYGWIN for the daemon: [] (DO NOT ENTER ANYTHING, PRESS ENTER)

Query: If you want to use a different name? (yes/no) no 

Query: Want to create new privileged user account ‘cyg_server’? (yes/no) yes

Query: Please enter the password: YOUR PASSWORD MUST BE ENTERED HERE

Query: Reenter: PLEASE RE-ENTER YOUR PASSWORD

 
5. Now here you should have a Windows service installed named ‘CYGWIN sshd’, which should run as the user ‘cyg_server’. Here if you look at the service, you can see it is running the executable ‘c: \Cygwin\bin\cygrunsrv.exe’. A new Windows account ‘Privileged Server’ will be there. Here we are getting the Secure Shell Server installed! If you need you can also go back and re-run the script.


Starting and stopping the sshd server

1. Starting the server

  • Enter ‘net start sshd’ at the command prompt
  • Then you should see the following output: The CYGWIN sshd service has been started. The CYGWIN sshd service was started successfully.

2. Stopping the server

  • Enter ‘net stop sshd’ at the command prompt
  • Then you should see the following output: The CYGWIN sshd service has been stopped. The CYGWIN sshd service was stopped successfully. 


Testing your sshd installation

You can type in the command ‘ssh username@ipaddress’ to connect to an sshd server where username is the windows username and ipaddress is in dotted-decimal notation.

     1. Our sshd installation will be tested now.
     2. Start your Cygwin terminal on the system that sshd is installed on.
     3. Enter the following at the command prompt ‘ssh username@127.0.0.1′ where username is the Windows account username you want to connect as on the system running sshd.
     4. Here you will be presented some information and asked: Are you sure you want to continue connecting (yes/no)?

          * Then enter yes

      5. For your Windows account enter the password.
      6. If your connection was successful you should see something similar to this:


Now what?

Just type ‘help’ at the command line to see what is offered in the BASH shell.

If you want to learn about the BASH shell: https://www.google.com/search?q=learn+the+bash+shell

Firewalls

As with all the networking software, you will need a good understanding of TCP/IP to get everything running properly. Then if you are only expecting ssh connections from specific systems, you should try to limit incoming connection to those IPs or an IP range. So here we are not going into detail about configuring your firewall. However, here are some of the two important pieces of information for setting up the firewall for sshd.

sshd default port: 22

sshd application will always appear to run from the executable c:\cygwin\bin\cygrunsrv.exe

Logs

sshd will write to the windows logs. The log entry will be from ‘sshd’ that is the source.


Troubleshooting

You may also see a connection attempt fail and present a similar error message:

ssh: connect to host 127.0.0.1 port 22: Connection refused

For the very least times this can happen, one of the two following reasons are:

sshd is not running. In this case you can start the service by entering ‘net start sshd’. Then the firewall on the sshd system may be blocking port 22 from your IP address.

Was this answer helpful?

 Print this Article

Also Read

Did you know what social engineering attacks is?

The art of manipulating people so they give up confidential information is known as Social...

How to Create a Package within WHM

A package specifies several different values for a cPanel account. For example, you could offer a...

Are you eager to know how to Secure FTP Access on VPS & Reseller Hosting Accounts?

The reseller web hosting and vps hosting accounts are affected by unauthorized FTP uploads most...

Did you know what social engineering attacks is?

The art of manipulating people so they give up confidential information is known as Social...

Optimization of MySQL database

Usually, for a website that’s having a large volume of data. Is a must to enhancing the...

Powered by WHMCompleteSolution