Skip to main content
Windows 10

How to Use Native SSH Client in Windows 10

By March 29, 2021August 18th, 2021No Comments

The built-in SSH client appeared in Windows 10 and Windows Server 2019. Ssh.exe can be used to securely connect to Linux/UNIX servers, VMWare ESXi hosts and other devices instead of Putty, MTPuTTY and other third-party SSH clients. The native Windows SSH client is based on the OpenSSH port and is preinstalled in Windows starting from Windows 10 build 1809.

How to Enable (Install) the OpenSSH Client on Windows 10?

The OpenSSH client is included in Windows 10 Features on Demand (like RSAT). The SSH client is installed by default on Windows Server 2019, Windows 10 1809 and newer builds.

Check that the SSH client is installed:

Get-WindowsCapability -Online | ? Name -like 'OpenSSH.Client*'

install openssh client on windows 10

In our example, the OpenSSH client is installed (State: Installed).

If not (State: Not Present), you can install it using:

  • The PowerShell command: Add-WindowsCapability -Online -Name OpenSSH.Client*
  • With DISM: dism /Online /Add-Capability /CapabilityName:OpenSSH.Server~~~~0.0.1.0
  • Via Settings -> Apps -> Optional features -> Add a feature. Find OpenSSH client in the list and click Install.
windows 10 optional feature - OpenSSH client

OpenSSH binary files are located in c:\Windows\System32\OpenSSH\.

  • ssh.exe – the SSH client executable;
  • scp.exe – tool for copying files in an SSH session;
  • ssh-keygen.exe – tool to generate RSA SSH authentication keys;
  • ssh-agent.exe – used to manage RSA keys;
  • ssh-add.exe – adds a key to the SSH agent database.
openssh executables in windows 10

You can install OpenSSH on previous Windows versions as well: just download and install the Win32-OpenSSH from GitHub (you can find an example in the article: Configuring SSH FTP on Windows).

Using a Native SSH Client on Windows 10

To start the SSH client, run the PowerShell or cmd.exe prompt. You can list the available options and syntax for ssh.exe:

ssh

usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
[-D [bind_address:]port] [-E log_file] [-e escape_char]
[-F configfile] [-I pkcs11] [-i identity_file]
[-J [user@]host[:port]] [-L address] [-l login_name] [-m mac_spec]
[-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address]
[-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]]
destination [command]
native ssh.exe client on windows 10 / windows server 2019

In order to connect to a remote server using SSH, use the following command:

ssh username@host

If your SSH server is running on a port different from the standard TCP/22, specify the port number:

ssh username@host -p port

For example, to connect to a Linux host with the IP address 192.168.1.102 as root, run this command:

ssh [email protected]

At the first connection, you will see a request to add the host key to the trusted list. Type yes and press ENTER. Then the host key fingerprint is added to the C:\Users\username\.ssh\known_hosts file.

You will be prompted for a password. Specify your root password, and your remote Linux server’s console should open.

using ssh.exe to securely connect to linux from windows 10

Using SSH, you can connect both to *Nix OSs and Windows. In one of the previous posts, we showed how to configure an OpenSSH server in Windows 10 and connect to it from a Windows host using an SSH client.

If you use the SSH authentication with RSA keys (see an example on how to configure SSH authentication using keys in Windows), you can specify a path to the private key file in your SSH client as follows:

ssh [email protected] -i "C:\Users\username\.ssh\id_rsa"

You can also add a private key to SSH-Agent. First, enable the ssh-agent service and configure automatic startup for it.

set-service ssh-agent StartupType 'Automatic'
Start-Service ssh-agent

Add your private key to the ssh-agent database:

ssh-add "C:\Users\username\.ssh\id_rsa"

Then you will be able to connect to your server over SSH without specifying the path to the RSA key. It will be used automatically. Now you can securely connect to your server without a password (if you have not protected your RSA key with a different password):

ssh [email protected]

Here are some more useful SSH arguments:

  • -C – used to compress traffic between client and server (it is useful in case of slow or unstable connections)
  • -v – displays detailed information about all SSH client actions
  • -R/-L – can be used to forward ports using an SSH tunnel

Using SCP.exe to Transfer Files to/from Windows Host Using SSH

Using the scp.exe tool (is a part of Windows 10 SSH client package), you can copy a file from your computer to the SSH server:

scp.exe "E:\ISO\CentOS-8.1.x86_64.iso" [email protected]:/home
use scp.exe to copy files over ssh from windows to linux host (and vice versa)

You can copy all directory contents recursively:

scp -r E:\ISO\ [email protected]:/home

And vice versa, you can transfer a file from a remote server to your computer:

scp.exe [email protected]:/home/CentOS-8.1.x86_64.iso c:\iso If you configure authentication using RSA keys, you won’t be prompted to enter your password to transfer files. This is useful if you want to configure automatic scheduled file copying.

Thus, you can connect to SSH servers directly from your Windows 10, copy files using scp without any other third-party apps or tools.

Leave a Reply