Install SSH server on Windows 11
- Install from GUI
- Install from CLI
Configure SSH
Key components
Use public key
Restart SSH server on Windows machine
Try this with Docker

Install SSH server on Windows 11

Install from GUI

Settings > Apps & features > Optional features > OpenSSH

(in French: Menu démarrer > Fonctionnalités facultatives > OpenSSH

Install from CLI

Launch PowerShell in admin mode:

$ Get-WindowsCapability -Online | Where-Object Name -like ‘OpenSSH.Server*’ | Add-WindowsCapability –Online
  # installs OpenSSH
$ Get-WindowsCapability -Online | ? Name -like 'OpenSSH.Ser*'
  # checks that it is correctly installed
$ Set-Service -Name sshd -StartupType 'Automatic'
$ Start-Service sshd
  # these load SSH 
$ netstat -na
  # should print somewhere port 22
$ Get-NetFirewallRule -Name *OpenSSH-Server* |select Name, DisplayName, Description, Enabled
  # make sure firewall allow it

Configure SSH

$ start-process notepad C:\Programdata\ssh\sshd_config

Key components

By default, key OpenSSH components are located in these folders:

OpenSSH Server executables: C:\Windows\System32\OpenSSH\(sshd.exe, ssh.exe, ssh-keygen.exe, sftp.exe, etc.)
The sshd_config file (created after the first service start of the service): C:\ProgramData\ssh
The authorized_keys file and keys can be stored in the user profile folder: %USERPROFILE%\.ssh\

Use public key

Allow password connection in sshd_config and empty password if none has been set on the Windows machine (or Docker).

From remote (don't forget to adjust UserName to your Windows user, and the machine IP) :

$ ssh-keygen # for example in ~/.ssh/windows-key
$ scp -p 22 ~/.ssh/windows-key.pub **UserName**@**192.168.0.69**:C:/Users/**UserName**/Desktop/

Then on the Windows machine, copy “windows-key.pub” from the desktop to %programdata%/ssh/.

Still from the Windows machine, in a terminal:

$ cd C:\ProgramData\ssh
$ type windows-key.pub >> administrators_authorized_keys
$ restart-service sshd

Now, on remote, this should work:

$ ssh -p 22 UserName@192.168.0.69 -i ~/.ssh/windows-key

Restart SSH server on Windows machine

$ restart-service sshd

Try this with Docker

Here is a docker-compose.yml to install Windows 11 in a Docker, because why not?

services:
  windows:
    image: dockurr/windows
    container_name: windows
    environment:
      VERSION: "win11"
      LANGUAGE: "French"
      REGION: "fr-FR"
      KEYBOARD: "fr-FR"
      DISK_SIZE: "80G"
      CPU_CORES: "1"
      RAM_SIZE: "2G"
      #VM_NET_DEV: "tun0" # only if VPN set up
    devices:
      - /dev/kvm
    cap_add:
      - NET_ADMIN
    #network_mode: 'container:vpn' # only if VPN set up
    ports: # comment all ports section if VPN is set up
      - 8006:8006
      - 8007:22
      - 3389:3389/tcp
      - 3389:3389/udp
    stop_grace_period: 2m
    volumes:
      - ./data:/storage
      - ./shared:/shared # should be available here:  \\host.lan\Data

Table of Contents