SSH connection from Linux to Windows without password (with ssh-key)

It’s been quite a long time thinking about whether it’s possible to connect from Linux to windows without a password or not. After some research I found out a way and which I’m going to share with you below.

  1. Install OpenSSH Server and Client on windows with powershell or default way.
Check ssh binary windows

Use ssh-keygen.exe to create a .ssh directory, id_rsa id_rsa.pub keys with powershell, and create an authorized_key file.

2. Add these commands for Startup Automatic for ssh services on powershell cli and check sshd

Set-Service sshd -StartupType AutomaticSet-Service ssh-agent -StartupType AutomaticGet-Service sshd, ssh-agent

3. Use ssh-keygen to generate a new SSH key on Linux 🐧

4. Create administrators_authorized_keys file with powershell cli

(Run as administrator)

5. Copy this command and put it on PowerShell to allow ssh on windows

6. Copy 🐧Linux id_rsa.pub key on Windows

C:\ProgramData\ssh\administrators_authorized_keys file

7. Note that if the folder .ssh and does not already exist, the above command will fail. Besides, it might be better when creating the file to set a minimum possible permission (basically read-write for owner only).
Make sure that the ACL of the .ssh folder and the administrators_authorized_keys so that only a respective Windows account has to write access to the folder and the file (what is the default access level, if you create the folder and the file, while logged in using the respective account).

With powershell cli you can remove AUTHORITY\Authenticated Users”

get-acl C:\ProgramData\ssh\ssh_host_dsa_key | set-acl C:\ProgramData\ssh\administrators_authorized_keysicacls "C:\ProgramData\ssh\administrators_authorized_keys" /inheritance:rRestart-Service -Name sshd, ssh-agent -ForceGet-Service -Name ssh-agent,sshd

8. Check ssh connection from 🐧linux machine.

If it doesn’t work then do it all as shown below :

Put these in your sshd_config, uncommenting preexisting entries as needed, found under c:\ProgramData\ssh\

Then on cmd net stop sshd and net start sshd or

with powershell

This probably means that your authorized_keys are readable by everyone on the computer, but at least it works.

DevOps Engineer

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store