I am writing this up in order to have it documented how I got an SSH tunnel into my WSL2 Ubuntu environment, as I kept having issues along the way. So I wanted to document things more clearly for myself in the future, and I hope this helps someone else along the way
I started with this guide
First issue I ran into is that wsl hostname -I command in the sshd.bat didn't work due to -I not being an option in the default WSL2 distro (the one that WSL launches into if you don't install any other distros). I ran wsl hostname --help and learned there was a -i, so I changed it to that, since that does spit out an IP. It just turns out that's not the IP you want. This was my point of failure.
I kept running into a kex_exchange_identification: Connection closed by remote host error. After some hours of debugging, I realized the ip address spit out by hostname -i did not match what ifconfig spit out, so I then searched for a function that would spit out the ip address I expected, and then learned that hostname -I indeed exists in Ubuntu, and the reason I was having issues was that the WSL2 default distro was set to whatever the underlying default distro you get upon first installing WSL2 is.
I fixed this by running wsl --set-default ubuntu. Once I did this, it made it so the original sshd.bat script provided in that guide worked.
Alternatively, if you want to not have to set your default distro to the one you're trying to ssh into, you can add --distribution <distro_of_choice> to your wsl commands, and it should work
Below I will document the steps outlined in the article for sake of posterity in case Julio Merino's blog goes down for whatever reason, as well as add steps that would've helped me to do so from a clean installation. I want to be clear, almost all the credit to the following steps goes to Julio Merino:
- Install WSL2 following these steps
- Install distro of choice from the Microsoft store (I used Ubuntu, so the rest of the guide will reflect that, but should largely be transferrable to other distros)
- Set default distro to Ubuntu (or your choice)
wsl --set-default ubuntu
- Install OpenSSH server (I think this was already installed in my ubuntu distro however)
sudo apt install openssh-server
- Configure OpenSSH to listen on port 2022 (not necessary, but can be useful if you want to support sshing into your Windows box too)
sudo sed -i -E 's,^#?Port.*$,Port 2022,' /etc/ssh/sshd_config
sudo service ssh restart
- Allow the default WSL user to start SSH without a password (due to services having to have sudo permission)
sudo sh -c "echo '${USER} ALL=(root) NOPASSWD: /usr/sbin/service ssh start' >/etc/sudoers.d/service-ssh-start"
- Confirm passwordless sudo is enabled for starting sshd
sudo /usr/sbin/service ssh start
- Copy the provided
sshd.batfile into your Windows home directory - Copy the
task.xmlsomewhere easily accessible - Open
Task Schedulerfrom Start menu - Click
Import Task, and choose thetask.xmlfile - Under the
Generaltab, clickChange User or Group..., and provide your username in the field that takes in a username that pops up - Under the
Triggerstab, confirm that it saysAt startupunder the trigger column, and that it is enabled - Under the
Actionstab, edit theStart a programaction to point to thesshd.batscript in your Windows home directory (instead of pointing tojmmv) - Click
OK - Punch a hole in the firewall by running this in Powershell
New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd) for WSL' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 2022
You should be good to go at this point