Friday, August 14, 2015

How do I install FreeSSHd - SSH Server in Windows Server


How do I install FreeSSHd - SSH Server in Windows Server 2008?

Because the installation for Free SSHd is so simple as compared to others (especially as compared to OpenSSH in Windows), I have chosen to demonstrate how to install and use Free SSHd. Remember that FreeSSHd is totally free (as the name says) both for personal / non-commercial use but also for commercial use.
To start this process, I downloaded FreeSSHd.exe on my Windows Server 2008 system and ran the downloaded program. The graphical installation began.
I took all the defaults for the installation options and clicked Install to being the install.
When done, I opted not to run SSHd as a service but that may be what you want to do on your production server.

Figure 1: Do you want to run FreeSSHd as a service?
By running FreeSSHd as service, it would be available no matter if you were logged into the console or not. I also chose to create private keys for the SSH server.
Next, I ran the FreeSSHd shortcut on the desktop in order to configure and start the SSH server.

Figure 2: Running the FreeSSH Application
I could see that the SSHd server was already running.
The FreeSSHd application can offer the following:
  • Both SSH Server and Telnet Server capabilities
  • Options to run SSHd on only certain interfaces
  • Multiple methods of authentication, including integrated NTLM authentication to Windows AD
  • Multiple methods of encryption including AES 128, AES 256, 3DES, Blowfish, and more
  • Options to bring up a secure tunnel upon connection
  • Optional Secure FTP (sFTP) - for secure FTP, see the FreeFTPd website
  • The ability to administer users and restrict access to secure shell, secure tunnel, or secure FTP
  • Ability to allow access to only certain hosts or subnets
  • Ability to log all connections and commands performed through FreeSSHd
  • View currently connected users
  • Update FreeSSHd automatically
For me to be able to login, I had to do two things:
  1. Add a new user account and allow SSH command line access
  2. Open an exception in my Windows Server 2008 Firewall
To add a new user, I went to the Users tab and clicked Add.
I opted to set up a login for my local Windows administrator account. I set the authorization to NTLM. That way, there was no local password in the FreeSSHd database and if the administrator password changes in the local Windows account database, you don’t have to change the password in the FreeSSHd account database.
I authorized this new administrator SSH user to log in with SSH only.

Figure 3: Adding a SSHd user account with NTLM authorization
Here are the results:

Figure 4: A new SSHd user account added
The second thing I had to do to allow me to login was to open an exception in the Windows Firewall. While I could disable the Windows Firewall completely instead of opening the ports, of course the most secure option is to leave the firewall up and allow for an exception for SSH – TCP port 22.
To do that, I went to Start -> Administrative Tools -> Windows Firewall with Advanced Security.

Figure 5: Opening Windows Firewall with Advanced Security
Next, I clicked on Inbound Rules, then on New Rule.

Figure 6: Adding a new Inbound Rule
Next, I chose to add a Port rule.

Figure 7: Choosing to add a Rule for a Port
I specified TCP port 22 only.

Figure 8: Specifying TCP port 22 only
Take the defaults to Allow the Connection, apply this to All domains, and give the rule a Name of your choice.
Test the Connection
To test the connection, I used SecureCRT from my Windows XP machine to the Windows Server 2008 server, via SSH.
To do this, I connected to the server via the IP address (or domain name). I chose to Accept the server’s certificate and save it.

Figure 9: Connecting via SSH and logging in with your Windows username & password
I logged into the server using the administrator login and password.
And, success! I was able to access the server via SSH!

Figure 10: A successful connection to the Windows 2008 Server via SSH

In Summary

SSH is an excellent tool for Windows Server 2008 administrators to consider for remote server management. In this article, you learned how SSH can help you, the options available for SSH Server and SSH Client installations, and how to install one of those options, FreeSSHd.

No comments: