Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
A step by step tutorial on how to automatically start ssh server on boot on the Windows Subsystem for Linux

How to automatically start ssh server on boot on Windows Subsystem for Linux

Microsoft partnered with Canonical to create Bash on Ubuntu on Windows, running through a technology called the Windows Subsystem for Linux. Below are instructions on how to set up the ssh server to run automatically at boot.

  1. Edit the /etc/ssh/sshd_config file by running the command sudo vi /etc/ssh/sshd_config and do the following
    1. Change Port to 2222 (or any other port above 1000)
    2. Change PasswordAuthentication to yes. This can be changed back to no if ssh keys are setup.
  2. Restart the ssh server:
    • sudo service ssh --full-restart
  3. With this setup, the ssh server must be turned on every time you run Bash on Ubuntu on Windows, as by default it is off. Use this command to turn it on:
    1. sudo service ssh start
  4. Follow the next steps which will create scripts that start the ssh server automatically:
    1. Create a sshd.bat file and edit it with the following commands:

      • vi sshd.bat
      • Add the following code: C:\Windows\System32\bash.exe -c "sudo /usr/sbin/sshd -D"
      • Save the file and move it to a more accessible location, e.g. mv ssh.bat /mnt/c/Users/YourUserName/Documents. Make sure to match your username! Take note of this location for the next step as in Windows language this corresponds to C:\Users\YourUserName\Documents
    2. Create a sshd.vbs file and edit it with the following commands:

      • vi sshd.vbs
      • Add the following code, making sure to put in your actual user name:
      Set WinScriptHost = CreateObject("WScript.Shell")
      WinScriptHost.Run Chr(34) & "C:\Users\YourUserName\Documents\sshd.bat" & Chr(34), 0
      Set WinScriptHost = Nothing
      
      • Save the file and move it to a more accessible location, e.g. mv sshd.vbs /mnt/c/Users/YourUserName/Documents.
      • Open start menu, type run. Then type shell:startup. Copy the vbs file over to the Startup folder
    3. Finally, you will need to configure the ssh server to start without requiring password. Run the command sudo visudo and add this line to the end of the file:

      • %sudo ALL=NOPASSWD: /usr/sbin/sshd
  5. If configured properly, the ssh server should now automatically start in the background when Windows starts.
@steveorsomethin
Copy link

steveorsomethin commented Jun 21, 2019

I solved this problem as follows (instead of the above steps)

  1. Set up sshd on distro of choice. Ensure it works (firewall set up properly, etc.) when launched manually
  2. Ensure that the distro which will run sshd is the default distro (use wslconfig)
  3. Create a task using Task Scheduler (taskschd.msc) that has the action "Start a program", with the program set to wsl with optional arguments -u root service ssh start
  4. Set the task to run on computer startup. Specify a user account to run the task as, and specify that the task run whether or not the user is logged in

FWIW, I'm using the Debian distro.

This worked for me, thanks everyone.

In case anyone is still stuck on 1803 as I was, you can get 1903 here (It has the new wsl that supports -u): https://www.microsoft.com/en-au/software-download/windows10

@sinchantsao
Copy link

sinchantsao commented Jul 8, 2019

hi dude, I am confusing at the step

Open start menu, type run. Then type shell:startup. Copy the vbs file over to the Startup folder

cause I am not the person that English as the first language and , so I could not understand what means 'start menu', it means CMD?or Windows Key? I tried but failed.

@kenmanheimer
Copy link

kenmanheimer commented Jul 23, 2019

The proposed sudoers configuration enables anyone with access to the WSL shell to stop sshd (and reload, etc) as well as start it. It's trivial to change the configuration to restrict the configuration change so it only allows starting sshd without a password:

  • %sudo ALL=NOPASSWD: /usr/sbin/sshd start

Much less risky (though still not altogether secure).

@riebling
Copy link

riebling commented Jul 24, 2019

I solved this problem as follows (instead of the above steps)

1. Set up sshd on distro of choice. Ensure it works (firewall set up properly, etc.) when launched manually

2. Ensure that the distro which will run sshd is the default distro (use `wslconfig`)

3. Create a task using Task Scheduler (`taskschd.msc`) that has the action "Start a program", with the program set to `wsl` with optional arguments `-u root service ssh start`

4. Set the task to run on computer startup. Specify a user account to run the task as, and specify that the task run whether or not the user is logged in

FWIW, I'm using the Debian distro.

This answer is WONDERFUL. The interface to Task Scheduler is HORRIBLY CONFUSING. It does not look or work like any other program on any other OS I have ever seen, and I've seen a few in the past 40 years :)

But yes, this is a great solution, I find better than the others here.

@vkobozev
Copy link

vkobozev commented Sep 25, 2019

Another way without Task Scheduler:

  1. On the WSL put to the end of the /etc/sudoers file the following line:
    %sudo ALL=NOPASSWD: /etc/init.d/ssh start

  2. Put to the shell:Startup folder bat file with the content:
    powershell.exe "& 'C:\Windows\System32\bash.exe' -c 'sudo /etc/init.d/ssh start'"

That's it!

no sudo promt
no Task Scheduler stuff
no stucking daemon process like sudo /usr/sbin/sshd -D
no WSL window open

@counter2015
Copy link

counter2015 commented Sep 26, 2019

@vkbozev Thanks! You save my day!
BTW: when copy to shell:Startup, it alert that I have no access to this folder however I'm admin.
I solved it by copying ink of bat file .

@T-G-U
Copy link

T-G-U commented Oct 28, 2019

@vkbozev. Thank you for help. Apparently, your solution works fine, but only on Win 10.0.17134 installation while it keeps prompting for password on Win 10.18362. Both installations were created using the same Ubuntu 18.04 package. Any idea what makes this difference?

@vkobozev
Copy link

vkobozev commented Oct 28, 2019

@vkbozev. Thank you for help. Apparently, your solution works fine, but only on Win 10.0.17134 installation while it keeps prompting for password on Win 10.18362. Both installations were created using the same Ubuntu 18.04 package. Any idea what makes this difference?

I have running Windows 10 Enterprise 18362.30 v1903, and Ubuntu 18.04 as WSL. So this is not a root cause I think.

@T-G-U
Copy link

T-G-U commented Oct 28, 2019

@gordallott
Copy link

gordallott commented Nov 3, 2019

my wsl1 converted to wsl2 machine failed with this setup. the ssh keys weren't generated yet, I needed a dpkg-recongfigure openssh-server as root before sshd was actually available

the port 2222 also isn't needed

@kb1ooo
Copy link

kb1ooo commented Nov 8, 2019

@vkobozev don't scripts in shell:startup only get executed on login, not boot?

@westfly
Copy link

westfly commented Nov 18, 2019

thx
save as file ssd_start.vbs

Set wshell=wscript.createobject("wscript.shell")
wshell.run "C:\Windows\System32\bash.exe",0
wshell.run "C:\Windows\System32\bash.exe  -c 'sudo /usr/sbin/service ssh start'",0
Set wshell=Nothing

will ok too
----update---
after update to Microsoft Insider Version, Single Quotation Marks failed, so

wshell.run "C:\Windows\System32\bash.exe  -c 'sudo /usr/sbin/service ssh start'",0
'Change to 
wshell.run "C:\Windows\System32\bash.exe  -c ""sudo /usr/sbin/service ssh start""",0

@tao-sj
Copy link

tao-sj commented Apr 1, 2020

This is great, thanks. Have you figured out how to get it to run via Task Scheduler or the like so that it runs on boot, without requiring the user to login first?

https://www.illuminiastudios.com/dev-diaries/ssh-on-windows-subsystem-for-linux/

@robruenes
Copy link

robruenes commented Apr 29, 2020

@vkobozev your solution worked for me, this is great!

@downvoteit
Copy link

downvoteit commented May 5, 2020

Just created a scheduled, simple job in taskschd.msc that runs wsl -u root service ssh start on user log-in. Enabled ssh, cron and atd this way, was easy and did not require whitelisting any .bat or .vbs script in Windows Defender.

@rescenic
Copy link

rescenic commented May 6, 2020

Just created a scheduled, simple job in taskschd.msc that runs wsl -u root service ssh start on user log-in. Enabled ssh, cron and atd this way, was easy and did not require whitelisting any .bat or .vbs script in Windows Defender.

In some systems, Task Scheduler can fail and need to run it manually. The best thing is use another AV and ditch Windows Defender.

@downvoteit
Copy link

downvoteit commented May 6, 2020

Just created a scheduled, simple job in taskschd.msc that runs wsl -u root service ssh start on user log-in. Enabled ssh, cron and atd this way, was easy and did not require whitelisting any .bat or .vbs script in Windows Defender.

In some systems, Task Scheduler can fail and need to run it manually. The best thing is use another AV and ditch Windows Defender.

Well if you have trouble setting up your development system I can help with that as well

@rescenic
Copy link

rescenic commented May 6, 2020

Just created a scheduled, simple job in taskschd.msc that runs wsl -u root service ssh start on user log-in. Enabled ssh, cron and atd this way, was easy and did not require whitelisting any .bat or .vbs script in Windows Defender.

In some systems, Task Scheduler can fail and need to run it manually. The best thing is use another AV and ditch Windows Defender.

Well if you have trouble setting up your development system I can help with that as well

I already tested with vbs files.
https://github.com/rescenic/autossh

@hanung665
Copy link

hanung665 commented May 28, 2020

I solved this problem as follows (instead of the above steps)

1. Set up sshd on distro of choice. Ensure it works (firewall set up properly, etc.) when launched manually

2. Ensure that the distro which will run sshd is the default distro (use `wslconfig`)

3. Create a task using Task Scheduler (`taskschd.msc`) that has the action "Start a program", with the program set to `wsl` with optional arguments `-u root service ssh start`

4. Set the task to run on computer startup. Specify a user account to run the task as, and specify that the task run whether or not the user is logged in

FWIW, I'm using the Debian distro.

Thanks.. this one works for me. I use Ubuntu 18.04 (as default) from Windows Store and WSL 2.

@distante
Copy link

distante commented Jun 27, 2020

I solved this problem as follows (instead of the above steps)

  1. Set up sshd on distro of choice. Ensure it works (firewall set up properly, etc.) when launched manually
  2. Ensure that the distro which will run sshd is the default distro (use wslconfig)
  3. Create a task using Task Scheduler (taskschd.msc) that has the action "Start a program", with the program set to wsl with optional arguments -u root service ssh start
  4. Set the task to run on computer startup. Specify a user account to run the task as, and specify that the task run whether or not the user is logged in

FWIW, I'm using the Debian distro.

This is also working for me using Ubuntu 20.04

@majidnow
Copy link

majidnow commented Sep 16, 2020

Nice. It's worked.

@anishsane
Copy link

anishsane commented Oct 13, 2020

I have a question.
I know that I can create a service.bat that runs wsl /etc/init.d/service start. I can also add it to windows startup via startup folder/registry/task scheduler.

However, I occasionally do wsl --shutdown to test any network/X server changes. And to start it again, I run bash.exe /path/to/my-custom-script.sh (usually gnome-terminal.sh with some arguments).
I prefer not to add the service start logic in my-custom-script.sh (there could be multiple such scripts.)

Is there a way to start a Linux service when WSL (re)starts?

@StefanoFrazzetto
Copy link

StefanoFrazzetto commented Dec 3, 2020

@anishsane You could enable the service within WSL to autostart: sudo systemctl enable ssh

@placasse
Copy link

placasse commented Feb 16, 2021

Thanks everyone.
I have it working, but not easily.
What worked for me is the @joelrbrandt comment.

@bayeslearner
Copy link

bayeslearner commented Mar 6, 2021

@anishsane You could enable the service within WSL to autostart: sudo systemctl enable ssh

I can't get it to load automatically.

Manually loading works and stays until I restart wsl if I replace the systemctl with the one from here: https://github.com/gdraheim/docker-systemctl-replacement

@niecore
Copy link

niecore commented May 21, 2021

Add firewall rule as well:

netsh advfirewall firewall add rule name="SSH WSL" dir=in action=allow protocol=TCP localport=2222

@haipnh
Copy link

haipnh commented Nov 2, 2021

Another way without Task Scheduler:

  1. On the WSL put to the end of the /etc/sudoers file the following line:
    %sudo ALL=NOPASSWD: /etc/init.d/ssh start
  2. Put to the shell:Startup folder bat file with the content:
    powershell.exe "& 'C:\Windows\System32\bash.exe' -c 'sudo /etc/init.d/ssh start'"

That's it!

no sudo promt no Task Scheduler stuff no stucking daemon process like sudo /usr/sbin/sshd -D no WSL window open

Thanks ! What a concise way.

@quantenschaum
Copy link

quantenschaum commented Nov 18, 2021

It does not work as described, you need to run C:\Windows\System32\bash.exe -c "sudo /usr/sbin/sshd -D"``, otherwise /run/sshd` is missing.
I did not user the VBA thing, just created a task running on startup.

@sogemao
Copy link

sogemao commented Apr 10, 2022

I succeeded. I did this:
a、create “/etc/init.wsl” in linux,Write the following:
#! /bin/sh
/etc/init.d/ssh start

b、create “ubuntu.bat” on win,Write the following:
bash /etc/init.wsl

c、Move the “ubuntu.bat” to the Windows startup directory:
C:\Users\<YourUserName>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

@drunkpig
Copy link

drunkpig commented May 22, 2022

use nssm is more prefect.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment