SEARCH

How-To Geek

How To Get SSH Command-Line Access to Windows 7 Using Cygwin

banner

Are you comfortable with Linux/Unix and want SSH access to your Windows 7 machine? Cygwin provides this functionality and gives you a familiar environment to work with in a few simple steps.

We’re assuming you’ve got Cygwin installed and configured. If not, check out our article, How To Use Linux Commands in Windows with Cygwin to get started.

Installing OpenSSH

OpenSSH is what we’ll be using, so if you don’t have it installed, find Cygwin’s setup.exe file and run it.

17-open setup

You can keep all of the same defaults as when you originally set up Cygwin. On the package selection screen, search for “open” and look under the “Net” menu.

18-install openssh

You’ll see a package called “openssh”. Click under the “New” column, where it says “Skip” until you see an X appear in the “Bin?” column. Look at the previous screenshot for where to click if you’re confused. Hit “Next” and finish up the rest of the setup process, just like you did last time.

Configuring OpenSSH in Cygwin

Unlike in most Linux distros, OpenSSH won’t automatically configure itself to run and just work. We need to perform a few easy steps. First, right-click your Cygwin shortcut, and click on “Run as administrator”:

00-run as admin

This will make sure we have the proper privileges for everything. You’ll see an empty Cygwin window come up.

01-cygwin window

Enter the following command:

ssh-host-config

02-ssh-host-config

You’ll see the script generate some default files, and then you’ll be prompted for whether or not you want to enable “Privilege Separation.” It’s on by default in standard installations of OpenSSH on other systems, so go ahead and say “yes” to the prompt.

03-priv sep

You’ll be prompted to create a new account with special privileges. Select “yes” and the script will continue.

04-new acct

Next, you’ll be asked if you want sshd to run as a service. This will allow you to get SSH access regardless of whether or not Cygwin is currently running, which is what we want. Go ahead and hit “yes” to continue.

05-sshd as service

Next, you’ll be asked to enter a value for the daemon. Enter the following:

ntsec

06-daemon ntsec

You’ll see the script give you some information on your system and then it will ask you to create a privileged account with the default username “cyg_server”. The default works well, so type “no” when it asks you if you want to use a different account name, although you can change this if you really like.

07-priv acct cyg_server

Of course, you’ll have to enter a password for this account as well.

08-password

Cygwin will show you your password in plain text for verification, so be sure you’re in a secure place. You’ll see some extra info come up and if all’s well, you’ll get a message that says it successfully completed.

09-fin host config

You can either restart, or enter the following command to start the sshd service:

net start sshd

10-net start sshd

Now, you can type “exit” to close this Cygwin instance.

User Configuration of SSH

Next, we’ll create the appropriate SSH keys for your user account. Open up Cygwin normally, and enter the following command:

ssh-user-config

11-ssh-user-config

You’ll be asked to create specific keys for your user account, so use what you need. I went ahead and said “no” to the first question, and “yes” to the second.

12-passphrase

SSH2 is more secure, so that’s what I recommend to you. After entering a password, you’ll be asked if you want to use that ID to access your machine. Type “yes”.

13-use this id

Next, you’ll be asked to create an SSH2 DSA ID file, if you want to use password-less access. I declined at this step.

14-no to dsa

That’s it! You’re all configured. If you want to test your configuration really quickly, enter the following command in your Cygwin window:

ssh –v localhost

15-test

The –v option stands for “verbose” and gives you all of the details of the process. You’ll be asked if you want to continue connecting, so enter “yes” and then enter your password at the prompt. Remember that when you enter your username, it is case-sensitive!

16-exit

If everything worked out well, you’ll see a normal bash prompt.

Minor Issues

If you find yourself stuck at any of the configuration steps, make sure that the Windows User Account you’re running has Administrative access. You may get weird errors if you try to run the host configuration as a normal user, so make sure you run Cygwin with admin privileges during that step. If, when you exit, you get a prompt about leaving your batch jobs running, you can hit “no” to terminate them.

Lastly, if you test SSH access from another machine and get an error, make sure that your firewall isn’t blocking access to port 22 (or 23 if you’re using SFTP).


This works extremely well if you like the ability to get SSH/SFTP access to your files on a Windows 7 machine and you also want a familiar shell to do that with. Cygwin mounts Windows drives to “/cygdrive/driveletter” in case you were wondering. ;-)

Yatri Trivedi is a monk-like geek. When he's not overdosing on meditation and geek news of all kinds, he's hacking and tweaking something, often while mumbling in 4 or 5 other languages.

  • Published 01/28/11

Comments (23)

  1. Gene

    Why not simply use PuTTY? It’s open source and free.

  2. Max

    PuTTY lets you use Windows to SSH into another computer. Cygwin lets you actually run a SSH service on your Windows machine so you can SSH into it from another computer. Also, Cygwin is open source and free as well.

  3. xilmiki

    PuTTY is simple and not require install, why use this, time to spend?

  4. Alexzm1

    PuTTY its a SSH client
    not a SSH Server

  5. jasray

    Much better and more convenient SSH servers available for Windows (free and secure); to go through the convoluted process here is pointless. Terminal command from Linux to Windows is equally simplified, or, as others have mentioned PuTTy/KiTTy is a breeze. Not quite sure what the author has in mind in promoting the above procedure. Hmmmm . . . .

    Such a shame because other methods allow using non-standard ports (absolutely necessary in most lockdown situations) and DNS forwarding (absolutely essential).

    Maybe he’ll share further knowledge later on down the road.

  6. Trevor

    How can there be so many people who use PuTTy who also don’t know why that’s not what we’re talking about here?!

  7. jasray

    Yes, that is a good question; one needs an SSH server on the Windows (or Linux) machine or router (e.g. DD-WRT) and one can use PuTTy as a client from either a Linux or Windows machine to connect. Likewise, it’s as easy to use the command line in Linux; however, much better SSH servers exist for Windows, and the command on Linux is so simple a five year old could do it.

    One can, as pointed out in the article, mix and match systems. A person using Windows can connect to a SSH server running on Linux; a person using Linux can connect to a SSH server on Windows. The question remains: Why such a choice as Cygwin when other SSH servers (opinion only) provide a much easier, more secure, and readily understandable approach.

  8. Alexander

    Hey,
    I had some problems with SSH1 (kept telling me I had the wrong password, even though I input the right one). But SSH2 works well.
    …any advice on how to change the configuration (ie. password)? and how to SSH into other systems? I kind of want to replace PuTTy on my computer and use Cygwin instead :)

  9. joe_Da_Schmoe

    so why not copssh????

  10. squeeky

    Looks like copssh uses cygwin. The developer has obviously hidden many of the above steps from the user.

  11. Rasputin Paskudniak

    Well, I got stopped at the step ssh-user-config, the second major segment of this exercise.

    Here’s the screen shot:
    1$ ssh-user-config
    *** ERROR: There is no home directory set for you in /etc/passwd.
    *** ERROR: Setting $HOME is not sufficient!

    Who is it talking to, me or user cyg_server?

    In either case, /etc/passwd shows that both I and cyg_server have home directories, although cyg_server’s home directory is a bit weird – /var/empty
    So is cyg_server’s shell: /bin/false – though that should be OK for a daemon.

    BTW, that home direcotry has some interesting permissions, and clearly was not just created.

    drwxr-xr-x+ 1 cyg_server root 0 Dec 21 20:02 /var/empty

    So I am stumped at this point. Was I missing an undocumented dependency (as happened with a2ps)

    Clues, anyone?

    Thanks.

  12. Horses4Courses

    Why would you actually want to do this? If you want better scripting then just use Perl (for Windows) or Powershell. I can totally understand dual-booting Linux (maybe Ubuntu) and Windows on the same machine, but I just don’t understand why you’d want to run cygwin on Windows (plus cygwin is a pain in the ass).

  13. Greg

    Great post, very helpful for those of us who understand what it was clearly intended for.

  14. halka

    (And those are few and far between, or so it seems.)

  15. John

    I got through all the steps but my ssh login attempt hangs:

    $ ssh -vvv localhost
    OpenSSH_5.8p1, OpenSSL 0.9.8r 8 Feb 2011
    debug1: Reading configuration data /etc/ssh_config
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to localhost [::1] port 22.
    debug1: Connection established.
    debug3: Incorrect RSA1 identifier
    debug3: Could not load “/home/john/.ssh/id_rsa” as a RSA1 public key
    debug2: key_type_from_name: unknown key type ‘—–BEGIN’
    debug3: key_read: missing keytype
    debug2: key_type_from_name: unknown key type ‘Proc-Type:’
    debug3: key_read: missing keytype
    debug2: key_type_from_name: unknown key type ‘DEK-Info:’
    debug3: key_read: missing keytype
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug2: key_type_from_name: unknown key type ‘—–END’
    debug3: key_read: missing keytype
    debug1: identity file /home/john/.ssh/id_rsa type 1
    debug1: identity file /home/john/.ssh/id_rsa-cert type -1
    debug3: Incorrect RSA1 identifier
    debug3: Could not load “/home/john/.ssh/id_dsa” as a RSA1 public key
    debug2: key_type_from_name: unknown key type ‘—–BEGIN’
    debug3: key_read: missing keytype
    debug2: key_type_from_name: unknown key type ‘Proc-Type:’
    debug3: key_read: missing keytype
    debug2: key_type_from_name: unknown key type ‘DEK-Info:’
    debug3: key_read: missing keytype
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug2: key_type_from_name: unknown key type ‘—–END’
    debug3: key_read: missing keytype
    debug1: identity file /home/john/.ssh/id_dsa type 2
    debug1: identity file /home/john/.ssh/id_dsa-cert type -1
    debug3: Incorrect RSA1 identifier
    debug3: Could not load “/home/john/.ssh/id_ecdsa” as a RSA1 public key
    debug2: key_type_from_name: unknown key type ‘—–BEGIN’
    debug3: key_read: missing keytype
    debug2: key_type_from_name: unknown key type ‘Proc-Type:’
    debug3: key_read: missing keytype
    debug2: key_type_from_name: unknown key type ‘DEK-Info:’
    debug3: key_read: missing keytype
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug3: key_read: missing whitespace
    debug2: key_type_from_name: unknown key type ‘—–END’
    debug3: key_read: missing keytype
    debug1: identity file /home/john/.ssh/id_ecdsa type 3
    debug1: identity file /home/john/.ssh/id_ecdsa-cert type -1

    (hangs now … does nothing until I press Ctrl-C)

    I’m using Windows 7.

    Here are some of the permissions on relevant files:
    $ ls -l /etc/ssh*
    -rw-r–r– 1 cyg_server None 1547 Feb 23 13:39 /etc/ssh_config
    -rw——- 1 cyg_server Administrators 668 Feb 17 00:15 /etc/ssh_host_dsa_key
    -rw-r–r– 1 cyg_server Administrators 607 Feb 17 00:15 /etc/ssh_host_dsa_key.pub
    -rw——- 1 cyg_server Administrators 227 Feb 17 00:15 /etc/ssh_host_ecdsa_key
    -rw-r–r– 1 cyg_server Administrators 179 Feb 17 00:15 /etc/ssh_host_ecdsa_key.pub
    -rw——- 1 cyg_server Administrators 982 Feb 17 00:15 /etc/ssh_host_key
    -rw-r–r– 1 cyg_server Administrators 647 Feb 17 00:15 /etc/ssh_host_key.pub
    -rw——- 1 cyg_server Administrators 1679 Feb 17 00:15 /etc/ssh_host_rsa_key
    -rw-r–r– 1 cyg_server Administrators 399 Feb 17 00:15 /etc/ssh_host_rsa_key.pub

    $ ls -al
    total 24
    drw-rw-rw-+ 1 john Administrators 4096 Feb 23 14:13 .
    drwxr-xr-x+ 1 ???????? ???????? 4096 Feb 22 23:40 ..
    -rw——- 1 john None 2651 Feb 23 14:01 authorized_keys
    -rw——- 1 john None 771 Feb 23 14:00 id_dsa
    -rw-r–r– 1 john None 607 Feb 23 14:00 id_dsa.pub
    -rw——- 1 john None 314 Feb 23 14:01 id_ecdsa
    -rw-r–r– 1 john None 179 Feb 23 14:01 id_ecdsa.pub
    -rw——- 1 john None 1766 Feb 23 14:01 id_rsa
    -rw-r–r– 1 john None 399 Feb 23 14:01 id_rsa.pub

    I’ve opened the Windows FIrewall port 22 (and verified that it was open on the cyg_server account), as well as port 22 on my router.

    But I doubt the firewall is the issue, since the ssh client is able to “talk” to the server … the session startup just hangs …

    any ideas?

    tks,
    John

  16. Rashy

    What bout PuTTY?

  17. DrRob

    Putty is not an SSH demon. It is just a client. There are other demons out there such as FreeSSHd but I’ve also had problems with that.

    One problem I have with ssh with cygwin is that it is not quite the same as starting a cygwin shell from the desktop. Some command run on desktop cygwin shell that do not run from ssh shell. Clearly the actually shells are different somehow.

  18. Misty

    Hi…
    I am trying to configure Cygwin, but after this step

    “You’ll see the script give you some information on your system and then it will ask you to create a privileged account with the default username “cyg_server”. The default works well, so type “no” when it asks you if you want to use a different account name, although you can change this if you really like”

    , when it asks for password, and i try to enter a password,

    “Of course, you’ll have to enter a password for this account as well.”
    “Cygwin will show you your password in plain text for verification, so be sure you’re in a secure place. You’ll see some extra info come up and if all’s well, you’ll get a message that says it successfully.. ”

    It does not display the password, but asks me to reenter, even thou I re enter it shows the error
    “Creating the user ‘cyg_server’ failed! Reason: System error 5 has occured. ”

    Can you tell me where I am going wrong?

  19. flurion

    @Misty. I solved the same problem by running CYGWIN shell as administrator

  20. acepelon

    It is funny how many people mention Putty here considering how horrible it is compared to other SSH clients. Skipping the fact that the author wasn’t talking about an SSH client, might I recommend those who want a better experience with SSH (free) to try Poderosa? Not Ponderosa, but Poderosa.

    http://sourceforge.net/projects/poderosa/

    Poderosa has support for creating tabs for Cygwin. Cygwin stand-alone is horrible but through Poderosa is great.

    Give it a shot.

  21. hari

    How to install, where is the link to click and install in at desktop? I could not see any link which I could click.pls help me to install it.thanks

  22. Joe Poniatowski

    Nice post. I too am amazed at the number of people suggesting PuTTY, as it is clearly not intended for the same purpose. And to the person suggesting Powershell as a better scripting tool: Powershell is great, but not portable to non-windows machines. Shell scripts run in cygwin, Linux, BSD, etc. with little to no modifications.

  23. Ankit

    Why not simply use mRemoteNG ? It’s open source and free.

Get Free Articles in Your Inbox!

Join 134,000 newsletter readers

Email:

Go check your email!