SSH into Linux Subsystem for Windows

instructions.md

• In /etc/ssh/sshd_conf, set UsePrivilegeSeparation to no
• In /etc/ssh/sshd_conf, temporarily enable plaintext passwords
• In /etc/ssh/sshd_conf, change port (e.g. to 23) to avoid confusion with Windows SSH server
• sudo service ssh restart
• Add alternative port as a new rule to Windows firewall
• On the client: ssh-copy-id user@server
• In /etc/ssh/sshd_conf, re-disable plaintext passwords

To fix Could not load host key ... error:

• sudo ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
• sudo ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
• sudo ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key

Note: bash.exe survives cutting the RDP connection. To not have WSL SSH exposed all the time, the suggested workflow ist to connect via RDP, start WSL, start SSH, then exit RDP and connect via SSH from the client machine.

Alternatively, you can use ssh-keygen -A to generate all the missing keys. Thanks for sharing!

/etc/ssh/sshd_conf doesn't exist, do we have to write a new file ?

/etc/ssh/sshd_conf doesn't exist, do we have to write a new file ?

It's /etc/ssh/sshd_config.

---

• Plaintext passwords: change PasswordAuthentication no line to yes
• Ports: add a Port 2222 line

I think the privilege separation step is optional.