安裝適用於 Windows Server 2019 和 Windows 10 的 OpenSSHInstallation of OpenSSH For Windows Server 2019 and Windows 10

OpenSSH 用戶端和 OpenSSH 伺服器是 Windows Server 2019 和 Windows 10 1809 中可獨立安裝的元件。The OpenSSH Client and OpenSSH Server are separately installable components in Windows Server 2019 and Windows 10 1809. 具有這些 Windows 版本的使用者應該使用後續的指示來安裝和設定 OpenSSH。Users with these Windows versions should use the instructions that follow to install and configure OpenSSH.

注意

從 PowerShell GitHub 存放庫 (https://github.com/PowerShell/OpenSSH-Portable) ) 取得 OpenSSH 的使用者應該使用該處的指示,__不應該__使用這些指示。Users who acquired OpenSSH from the PowerShell GitHub repo (https://github.com/PowerShell/OpenSSH-Portable) should use the instructions from there, and should not use these instructions.

從 Windows Server 2019 或 Windows 10 1809 上的設定 UI 安裝 OpenSSHInstalling OpenSSH from the Settings UI on Windows Server 2019 or Windows 10 1809

OpenSSH 用戶端和伺服器是 Windows 10 1809 的可安裝功能。OpenSSH client and server are installable features of Windows 10 1809.

若要安裝 OpenSSH,請啟動 [設定],然後移至 [應用程式] > [應用程式和功能] > [管理選用功能]。To install OpenSSH, start Settings then go to Apps > Apps and Features > Manage Optional Features.

掃描這份清單,查看是否已安裝 OpenSSH 用戶端。Scan this list to see if OpenSSH client is already installed. 如果沒有,請在頁面頂端選取 [新增功能],然後:If not, then at the top of the page select "Add a feature", then:

  • 若要安裝 OpenSSH 用戶端,請找出 [OpenSSH 用戶端],然後按一下 [安裝]。To install the OpenSSH client, locate "OpenSSH Client", then click "Install".
  • 若要安裝 OpenSSH 伺服器,請找出 [OpenSSH 伺服器],然後按一下 [安裝]。To install the OpenSSH server, locate "OpenSSH Server", then click "Install".

安裝完成之後,請回到 [應用程式] > [應用程式和功能] > [管理選用功能],您應該會看到 OpenSSH 元件列出來。Once the installation completes, return to Apps > Apps and Features > Manage Optional Features and you should see the OpenSSH component(s) listed.

注意

安裝 OpenSSH 伺服器將會建立並啟用名為 "OpenSSH-Server-In-TCP" 的防火牆規則。Installing OpenSSH Server will create and enable a firewall rule named "OpenSSH-Server-In-TCP". 這個規則會允許連接埠 22 上的輸入 SSH 流量。This allows inbound SSH traffic on port 22.

使用 PowerShell 安裝 OpenSSHInstalling OpenSSH with PowerShell

若要使用 PowerShell 安裝 OpenSSH,請先以系統管理員身分啟動 PowerShell。To install OpenSSH using PowerShell, first launch PowerShell as an Administrator. 若要確認 OpenSSH 功能可供安裝:To make sure that the OpenSSH features are available for install:

Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'

# This should return the following output:

Name  : OpenSSH.Client~~~~0.0.1.0
State : NotPresent
Name  : OpenSSH.Server~~~~0.0.1.0
State : NotPresent

然後,安裝伺服器和/或用戶端功能:Then, install the server and/or client features:

# Install the OpenSSH Client
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

# Install the OpenSSH Server
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

# Both of these should return the following output:

Path          :
Online        : True
RestartNeeded : False

解除安裝 OpenSSHUninstalling OpenSSH

若要解除安裝 OpenSSH,請使用 Windows 設定,啟動 [設定],然後移至 [應用程式] > [應用程式和功能] > [管理選用功能]。To uninstall OpenSSH using the Windows Settings, start Settings then go to Apps > Apps and Features > Manage Optional Features. 在已安裝的功能清單中,選取 [OpenSSH 用戶端] 或 [OpenSSH 伺服器] 元件,然後選取 [解除安裝]。In the list of installed features, select the OpenSSH Client or OpenSSH Server component, then select Uninstall.

若要使用 PowerShell 解除安裝 OpenSSH,請使用下列其中一個命令:To uninstall OpenSSH using PowerShell, use one of the following commands:

# Uninstall the OpenSSH Client
Remove-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

# Uninstall the OpenSSH Server
Remove-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

如果服務在解除安裝時仍在使用中,則在移除 OpenSSH 之後可能需要重新啟動 Windows。A Windows restart may be required after removing OpenSSH, if the service is in use at the time it was uninstalled.

SSH 伺服器的初始設定Initial Configuration of SSH Server

若要設定 OpenSSH 伺服器以在 Windows 上首次使用,請以系統管理員身分啟動 PowerShell,然後執行下列命令以啟動 SSHD 服務:To configure the OpenSSH server for initial use on Windows, launch PowerShell as an administrator, then run the following commands to start the SSHD service:

Start-Service sshd
# OPTIONAL but recommended:
Set-Service -Name sshd -StartupType 'Automatic'
# Confirm the Firewall rule is configured. It should be created automatically by setup. 
Get-NetFirewallRule -Name *ssh*
# There should be a firewall rule named "OpenSSH-Server-In-TCP", which should be enabled
# If the firewall does not exist, create one
New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22

初始使用 SSHInitial use of SSH

在 Windows 上安裝 OpenSSH 伺服器之後,您可以使用 PowerShell,從已安裝 SSH 用戶端的任何 Windows 裝置快速測試它。Once you have installed the OpenSSH Server on Windows, you can quickly test it using PowerShell from any Windows device with the SSH Client installed. 在 PowerShell 中輸入下列命令:In PowerShell type the following command:

Ssh username@servername

第一次連線到任何伺服器時,將會產生類似下列的訊息:The first connection to any server will result in a message similar to the following:

The authenticity of host 'servername (10.00.00.001)' can't be established.
ECDSA key fingerprint is SHA256:(<a large string>).
Are you sure you want to continue connecting (yes/no)?

答案必須是「是」或「否」。The answer must be either “yes” or “no”. 回答「是」會將該伺服器新增到本機系統的已知 ssh 主機清單中。Answering Yes will add that server to the local system's list of known ssh hosts.

此時,系統會提示您輸入密碼。You will be prompted for the password at this point. 作為安全性預防措施,您的密碼在您輸入時不會顯示。As a security precaution, your password will not be displayed as you type.

連線之後,您會看到類似下面的命令殼層提示字元:Once you connect you will see a command shell prompt similar to the following:

domain\username@SERVERNAME C:\Users\username>

Windows OpenSSH 伺服器使用的預設殼層是 Windows 命令殼層。The default shell used by Windows OpenSSH server is the Windows command shell.