Ask just about any *NIX admin using a Windows laptop and they will have come across Putty. For years, Apple MacBooks have been the go-to choice for many admins partly because getting to a ssh shell is so easy. The newly re-invigorated Microsoft is changing how easy it is to interface with Linux (and other *NIX flavors) significantly with features like Ubuntu on Windows. There is a new beta feature in Windows 10 that may just see the retirement of Putty from many users: an OpenSSH client and OpenSSH server application for Windows.
Installing the Windows OpenSSH Client
Since this is not the best-documented feature, and still one in Beta, we made a quick video of the installation process.
If you do not want to watch go to “Manage Optional Features” then + “Add a feature”. You can then scroll down the list and find the OpenSSH Client (Beta) and OpenSSH Server (Beta) features in Windows. The idea of running another remote service on Windows can be daunting so we do not blame you if you do not want to install the server.
Once installed, you can simply fire up your command line and use the OpenSSH client by typing ssh followed by the command such as ssh ubuntu@someIP.
Here is the current (as of November 28, 2017) ssh command usage guide we are getting with the Windows OpenSSH Client:
C:\WINDOWS\system32>ssh
usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
[-D [bind_address:]port] [-E log_file] [-e escape_char]
[-F configfile] [-I pkcs11] [-i identity_file]
[-J [user@]host[:port]] [-L address] [-l login_name] [-m mac_spec]
[-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address]
[-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]]
[user@]hostname [command]
For most admins, this is going to be extremely easy to transition to.
Final Words
Many of our readers use higher-end terminal solutions like MobaXterm Professional. At the same time, when you just need a SSH session, being able to launch via the standard Windows command line is awesome. Microsoft is clearly taking steps to make the IT admin’s job much easier, and this is one simple example where Windows is making great strides. For those who use Putty as the simple SSH solution on Windows, those days are numbered.
We us Putty more as a replacement for Hypertermal then for ssh on a normal day.
So useful. I’ve just installed this. It only took like 1m to do.
I use Putty for its proxy tunneling and x forwarding abilities. I doubt the windows ssh client will do these things.
I like putty because it can save sessions and settings for each server and I don’t see those features anywhere in this.
It’s OpenSSH, so it does tunneling and X forwarding.
I’ve been using the OpenSSH client when I’ve been forced to use Windows for some time now – way better to use than putty …
Yes Microsoft, Linux has won. You’ve resisted bravely but well, it is time to give in. Congrats, ubuntu and now OpenSSH were good first steps.
Until the internal shell client has a tabbed interface not only is putty here to stay but i use a wrapper called superputty to give me a tabbed interface for ssh on Windows.
I’ve been using cygwin and its ssh client. Lots of *nix command line goodness with cygwin. But I’ll check out Microsoft’s version of ssh.
One question, what’s the version? i.e. ssh -V prints exactly what?
Thanks!
Never will I abandon Putty for all the hard work they’ve put together. Never!
@KarelG ssh -V OpenSSH_7.5p1
hah, mine is even more native with ubuntu for windows. I managed to create a dos cmd script that starts ubuntu and pipes all params through. I even managed to start dos using wine again from linux and run xming putty on windows.
I use MremoteNG as a putty manager, unless they support tiled SSH sessions that remember their last positions, I am not going to move.
What’s next, a native git? :-)
@Gary: Native Git is already a thing and is sponsored by Microsoft as well. GitHub.com/git-for-windows
Want to commandline-install then use the below command. Easier and faster than the tutorial video :)
Elevated powershell.exe
Get-WindowsCapability -Online | Where-Object{$_.Name -like “OpenSSH.Client*”} | ForEach-Object{ Add-WindowsCapability -Online -Name $_.Name}
Well. Finally. I’ve only been using SecureCRT since 1997.
@Manuel: if only! “git for windows” is still just msys git (mingw64). Still has all the cygwin path-parsing weirdness, funky git alias handling, etc.
Get-WindowsCapability -Online | Where-Object{$_.Name -like “OpenSSH.Client*”}
Does not show it to be available in 1703, but I see it on Win 10 version 1709. Is this expected?
I don’t know if it is an error (in your video) or a difference in Windows version/settings/whatever but on my PC, ssh is installed in C:\Windows\System32\OpenSSH
Has anybody managed to load the keys using ssh-agent?
@Benoit St-Jean likely a settings difference. Checked the video from a validation VM and second PC and it was the same as was shown in the video.
Timothy, I think this is a newer feature. Just found it randomly one day before installing Putty on my laptop (faster than mobaxterm pro for simple tasks.)
@Bertold Kolics ssh-keygen and ssh-agent both read from %userprofile%\.ssh\ and I’d assume you’d need to save the keys from putty-agent into that folder and run ssh-agent at some point.
Note, I have to restart my computer for it to work in command prompt after install.
Or you could install Windows Subsystem for Linux and get a proven SSH client among many other Linux terminal apps at native speeds in Windows.
Windows Subsystem for Linux:
https://docs.microsoft.com/en-us/windows/wsl/about
Sorry but I don’t see how a rudementric ssh client can replace PuTTY. I certainly will continue to use PuTTY as I have a lot of different machines to access from my Windows hosts and PuTTY just makes it so much easier to switch between hosts.
Not to mention that PuTTY works nicely in connection with WinSCP, which I uses at least as much as PuTTY itself…
It would be nice if they add Mosh (https://mosh.org) support on the client..
@Bitbeisser PuTTY is a GUI, that’s why. You’re just using a easy GUI to do things. Although I do agree that the host switch is pretty nice.
@william You’re implying… that the ORIGINAL ssh client… will ever have tabs? Are you really that crazy?
Thanks NoMachine who started the port
Next step, a replacement for WinSCP?
(Actually I think I’ll stick with PuTTY for the moment, thanks)
Congrats Patrick and STH in general for a hit article! I’ve seen this article linked everywhere!
COOOOOL
> For those who use Putty as the simple SSH solution on Windows, those days are numbered.
Well, I don’t see a reason to switch from production ready PuTTY to a half-finished ssh implementation from Microsoft – except if you enjoy working with software full of bugs.
And who knows when (or if) it will leave the beta phase, so “those days” might become a very long time…
It is an interesting proof of concept, but it has a way to go. Configuration wise it works with a .ssh directory and a standard OpenSSH config file, which is nice. Unfortunately it does’t work properly with keys. I believe it may work with a password-less key, but since all mine have a passphrase it isn’t any use at all. Once this is sorted I may see how well the forwarding / tunnelling works. On the plus side, WSL looks to be usable with SSH now. When I last tried it the fonts were all over the place in Mutt once I’d logged in.
I don’t know why, but I keep getting this error: “Unable to negotiate with x.x.x.x port 22: no matching key exchange method found.”
“ssh -V” gives: OpenSSH_7.5p1, without OpenSSL
Right now I will just wait for the virtual Windows 10 to develop and continue using Arch Linux with Bash for SSH connections. But I will definitely keep an eye on this. Thanks for the article!
When I go to go to “Manage Optional Features” then + “Add a feature” on my work pc domain joined W10 Enterprise no features are available. On my W10 Home pc I see them. Any ideas?
Craig: Check that “windows update”-service is running. Windows uses windows update to fetch those optional features.
Putty was nice in the 90’s. I started using BitVise SSH after that. They had me with the SFTP interface.
Have this feature for a few months by now
ssh -V
OpenSSH_7.5p1, LibreSSL 2.5.3
@Gary msys+mingw and cygwin are completely unrelated. The Git for Windows is a native program. See http://www.mingw.org/
I found the fix to When I go to go to “Manage Optional Features” then + “Add a feature” on my work pc domain joined W10 Enterprise no features are available.
The problem is that the system uses WSUS and Optional Features come direct from Microsoft, so by temporarily setting WSUS updates to point to Microsoft instead of a specific local server you can get the updates.
FIX:
Regedit > Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > Change UseWUServer value from 1 to 0 > Reboot > Add a feature > select SSH Client > Reboot > You may then set the UseWUServer value back to 1.
1 = local server 0 = Microsoft
@fox: You need to adjust the Key Algorithms Exchanged:
List available algorithms: ssh -Q kex
Here’s what I use:
KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,curve25519-sha256@libssh.org
In your home directory, create .ssh\config
In that file put the KexAlgorithms from above
–Jim
@Ferdie van Schalkwyk: For a tabbed Windows console, try ConEmu. It works great – you can have one or more PowerShell consoles, one or more cmd.exe consoles, and you can also use Git Bash and Putty too.
HOW DO I PLAY MY GAMES
This is not even good enough to classified as useless
Does anyone know how to use it when connecting to an AWS instance?
Puttys days are numbered eh? Microsofts (almost working) command-line SSH client is THAT much of a gamechanger is it?
Oh behave yourself!
The windows terminal is still crap compared to Putty or even some of the various cygterms out there. I guess you could just install one via apt-get from the Ubuntu/Linux subsystem. Maybe MS should focus more of an integrated X11 rootless server first so people don’t have to install 3rd party ones?