SSH (Secure Shell) is a secure protocol that enables encrypted remote access between systems. This guide explains how to connect from a Linux client to a Windows or Linux server using OpenSSH.
Prerequisites
Most Linux distributions include the OpenSSH client by default. Windows 10 (version 1809 and later) and Windows 11 also include the OpenSSH client. The client machine requires an SSH client, while the server machine must have an SSH server installed and running.
Step 1: Check SSH Installation
Client Machine:
ssh -V
If SSH is missing, install the OpenSSH client.
Server Machine:
- Windows:
Get-Service sshd
- Linux:
sudo systemctl status sshd
Step 2: Connect via SSH
Basic connection:
ssh username@target_ip_address
Enter the password when prompted.
Connect using a specific port:
ssh -p <port> username@target_ip_address
Verbose output for troubleshooting:
ssh -v username@target_ip_address
Step 3: Use SSH Key Authentication
Instead of passwords, you can authenticate with a private key.
Generate SSH key pair on the client machine:
ssh-keygen -t rsa -b 4096
Keys are stored in:
- Private key:
~/.ssh/id_rsa(keep secret) - Public key:
~/.ssh/id_rsa.pub(copy to server)
Copy Public Key to Windows Server
Client Machine:
cat ~/.ssh/id_rsa.pub
Server Machine:
mkdir "C:\Users\YourUser\.ssh" New-Item -Path "C:\Users\YourUser\.ssh\authorized_keys" -ItemType File notepad "C:\Users\YourUser\.ssh\authorized_keys"
Paste the public key into authorized_keys and save.
System-Wide SSH Keys (Windows)
Move authorized_keys to C:\ProgramData\ssh and rename it:
administrators_authorized_keys
Copy Public Key to Linux Server
ssh-copy-id username@target_ip_address && ssh username@target_ip_address "chmod 600 ~/.ssh/authorized_keys"
Step 4: Configure SSH for Quick Access
Edit the SSH config file:
sudo nano ~/.ssh/config
Add configuration:
Host myserver
HostName target_ip_address
User username
Port <port>
IdentityFile ~/.ssh/id_rsa
Step 5: Connect Using SSH Key
Using alias:
ssh myserver
Specifying identity file:
ssh -i ~/.ssh/id_rsa username@target_ip_address
Note:
If your machine uses DHCP, the IP may change. To avoid reconnect issues:
- Configure a DHCP reservation in your router.
- Or assign a static IP to the machine.
You can use the local IP address of the device if both devices are on the same local network. If the device is outside the local network, you need to use the public IP address.
Replace username, target_ip_address, and YourUser with your actual details. You can customize myserver with any alias you prefer.
By following these steps, you can establish secure SSH connections from Linux to Windows or Linux servers, using either password or key-based authentication.
With SSH properly configured, you’ll enjoy secure, streamlined remote access for administration, development, and file transfers.