Running OpenSSH in Windows PowerShell
If you're a Linux/macOS user familiar with OpenSSH that is working on a Windows machine, or a Windows PuTTY user wondering why the rest of the world uses OpenSSH, read this quick guide to get you up and running in less than 10 minutes.
Having recently switched my development environment from macOS to Windows, I found myself frustrated with the PuTTY interface. I also had scripts that used OpenSSH to run commands on cloud services like AWS EC2 and the GCP Compute Engine.
With minimal digging, I found OpenSSH is available on PowerShell. And within a short amount of time, I was back up and running as if nothing had changed. Here is how to do it:
- You have a remote server running OpenSSH. Click here to learn how to set one up in AWS
- You have either the .ppk file or private key file to connect to the server
- Your server will accept connections from your IP Address.
In an administrator PowerShell session (right-click PowerShell, run as administrator) run the following to check if you have it already:
Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'
If you see this, you are good to go.:
Name : OpenSSH.Client~~~~0.0.1.0
State : Installed
Note “OpenSSH.Client”. We don’t need the OpenSSH.Server.
If it says
State: Not Present under the Client, run this command:
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
You will need to set up a configuration file in your user folder for OpenSSH to refer to when initiating a connection.
In PowerShell navigate to your user folder with:
Create a folder here called
Move into the folder:
Create a new file called
Open it in notepad:
This config file is where you need to add the details of the server you are connecting to.
An example of what is needed:
Host defines the name you want to refer to this connection by, it can be anything you want. You will use this when calling OpenSSH from the command line
HostName is the address of the server, typically an IP address. If you have DNS set up pointing to your server you could use the domain name.
User is the user name on the server you will be logging in as once connected.
Port declares the port on the server to connect to, default is 22, so this is not necessary, but useful if you need to change the port which is a recommended security step.
IdentityFile is the private key you will use to authenticate with the server, a file you should already have.
If you already have your keys file in the private/public format that OpenSSH uses, add the private file into the
.ssh folder now, ensuring that the path in the
IdentityFile directive matches your key location.
If you have a
.ppk file, you just need to convert it. This is a very easy thing to do.
Open PuTTYgen on your windows machine, and click load existing private key file, choosing your
.ppk file. In the menu bar click Conversions > Export OpenSSH key, and save it into your
.ssh folder, matching the name to the path in your
With the set-up done, all you need to do is run the following:
MyServer is the name you used in the
Host directive of your config file. If you have multiple servers you need to connect to, just add more hosts to your config file.
On your first connection, you’ll see a question about fingerprints, type yes, and you should be connected.
Passing Commands to SSH
One very useful feature of OpenSSH is being able to pass commands in with the connection request. This results in you not actually getting to the server command line, but instead returning you to your PowerShell when the command is finished. This is great for writing scripts.
Suppose you want to restart a systemctl service, without logging in. You could simply run:
ssh MyServer systemctl restart my-service.service
Passing the command in as the last item, will run the command on the destination server, and drop you back into your PowerShell.
With all this complete you should be on your way to being a power OpenSSH user in no time!