Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
A step by step tutorial on how to automatically start ssh server on boot on the Windows Subsystem for Linux

How to automatically start ssh server on boot on Windows Subsystem for Linux

Microsoft partnered with Canonical to create Bash on Ubuntu on Windows, running through a technology called the Windows Subsystem for Linux. Below are instructions on how to set up the ssh server to run automatically at boot.

  1. Edit the /etc/ssh/sshd_config file by running the command sudo vi /etc/ssh/sshd_config and do the following
    1. Change Port to 2222 (or any other port above 1000)
    2. Change PasswordAuthentication to yes. This can be changed back to no if ssh keys are setup.
  2. Restart the ssh server:
    • sudo service ssh --full-restart
  3. With this setup, the ssh server must be turned on every time you run Bash on Ubuntu on Windows, as by default it is off. Use this command to turn it on:
    1. sudo service ssh start
  4. Follow the next steps which will create scripts that start the ssh server automatically:
    1. Create a sshd.bat file and edit it with the following commands:

      • vi sshd.bat
      • Add the following code: C:\Windows\System32\bash.exe -c "sudo /usr/sbin/sshd -D"
      • Save the file and move it to a more accessible location, e.g. mv ssh.bat /mnt/c/Users/YourUserName/Documents. Make sure to match your username! Take note of this location for the next step as in Windows language this corresponds to C:\Users\YourUserName\Documents
    2. Create a sshd.vbs file and edit it with the following commands:

      • vi sshd.vbs
      • Add the following code, making sure to put in your actual user name:
      Set WinScriptHost = CreateObject("WScript.Shell")
      WinScriptHost.Run Chr(34) & "C:\Users\YourUserName\Documents\sshd.bat" & Chr(34), 0
      Set WinScriptHost = Nothing
      
      • Save the file and move it to a more accessible location, e.g. mv sshd.vbs /mnt/c/Users/YourUserName/Documents.
      • Open start menu, type run. Then type shell:startup. Copy the vbs file over to the Startup folder
    3. Finally, you will need to configure the ssh server to start without requiring password. Run the command sudo visudo and add this line to the end of the file:

      • %sudo ALL=NOPASSWD: /usr/sbin/sshd
  5. If configured properly, the ssh server should now automatically start in the background when Windows starts.
@mclamb

This comment has been minimized.

Copy link

commented Mar 9, 2018

This is great, thanks. Have you figured out how to get it to run via Task Scheduler or the like so that it runs on boot, without requiring the user to login first?

@lewixlabs

This comment has been minimized.

Copy link

commented Mar 21, 2018

Working... thank you!

@oxpy

This comment has been minimized.

Copy link

commented Apr 19, 2018

it works. thank you

@mhugo

This comment has been minimized.

Copy link

commented Apr 20, 2018

Great, thanks. Why is the VBS script needed ?

@eliellis

This comment has been minimized.

Copy link

commented Apr 23, 2018

@mhugo the vbscript silently runs the process as opposed to having to have the CMD window hang open to keep the ssh process running

@harleyday

This comment has been minimized.

Copy link

commented May 7, 2018

I have found that the instructions above no longer work if you've upgraded your Windows Subsystem Linux Ubuntu to 18.04LTS since the UsePrivilegeSeparation option has been depreciated on the ssh server for 18.04LTS. I forked this Gist, and made a modification which now works on 18.04. Please see my Gist if you have this issue.

@evvil

This comment has been minimized.

Copy link

commented May 10, 2018

@nopeppermint

This comment has been minimized.

Copy link

commented May 17, 2018

Save the file and move it to a more accessible location, e.g. mv ssh.bat /mnt/c/Users/YourUserName/Documents

should be => mv sshd.bat

@shadowink

This comment has been minimized.

Copy link

commented May 22, 2018

I'm trying to figure out how to run this on Windows Server Core, where there's no GUI and all the setup needs to be done via Powershell. The Register-ScheduledJob command won't run a vbs file on boot, only powershell...

@weberjn

This comment has been minimized.

Copy link

commented Jun 10, 2018

it works as Windows Task Scheduler/Action, too.

  • BootTrigger

  • Run whether user is logged on or not. Save Passwort !!

    %windir%\System32\bash.exe

    -c "sudo service ssh start"

Now I only see WSL in putty, no longer need of WSL console.

@macxfadz

This comment has been minimized.

Copy link

commented Jul 7, 2018

Thank you,

@troytse

This comment has been minimized.

Copy link

commented Jul 16, 2018

Hi guys, I made a script to support starting the WSL services on Windows start.
WSL Autostart

@jdillon222

This comment has been minimized.

Copy link

commented Aug 11, 2018

Well done, works like a charm.

@liamwhan

This comment has been minimized.

Copy link

commented Sep 6, 2018

Works great,

If you're having trouble getting this to work, I needed to create a rule in Windows Firewall to open port 2222,

@MarkBolden

This comment has been minimized.

Copy link

commented Dec 4, 2018

Worked perfectly!! Great instructions!!! Thank you!

@hsali

This comment has been minimized.

Copy link

commented Dec 15, 2018

great work.

@LarryX

This comment has been minimized.

Copy link

commented Dec 26, 2018

Runnng sudo service ssh --full-restart with WSL Ubuntu18.04, got:
/etc/ssh/sshd_config line 54: Deprecated option UsePrivilegeSeparation
Is UsePrivilegeSeparation still necessary?

@rainabba

This comment has been minimized.

Copy link

commented Jan 14, 2019

Hit this today while researching my WSL SSH troubles and ultimately, I need to ensure my username was listed on an "AllowUsers " option in /etc/ssh/sshd_config. I had done a copy/paste job but it had AllowUsers user and I hadn't caught that.

@otterstedt

This comment has been minimized.

Copy link

commented Jan 16, 2019

Great work!

What is the reason to reinstall openssh-server?

I managed to get it working by following these instructions but without reinstalling the sshd software.

I had to put mkdir -p /run/sshd in the sshd.bat file though

C:\Windows\System32\bash.exe -c "sudo mkdir -p /run/sshd && sudo /usr/sbin/sshd -D"

Otherwise it complained about missing privilege separation folder. Seems it got removed between restarts.

Maybe this is the reason to reinstall sshd?

It also works fine at port 22, I did not have to change port. Is there a reason not to work with password less sudo for the user starting sshd?

@dentechy

This comment has been minimized.

Copy link
Owner Author

commented Feb 13, 2019

Haven't been on GitHub in a while. Thanks for the feedback everyone. I made a couple changes to the gist, taken into account that WSL has changed with Ubuntu 18.04. As always feel free to suggest improvements.

I'll make more modifications as my schedule permits!

@dentechy

This comment has been minimized.

Copy link
Owner Author

commented Feb 13, 2019

Great work!

What is the reason to reinstall openssh-server?

I managed to get it working by following these instructions but without reinstalling the sshd software.

I had to put mkdir -p /run/sshd in the sshd.bat file though

C:\Windows\System32\bash.exe -c "sudo mkdir -p /run/sshd && sudo /usr/sbin/sshd -D"

Otherwise it complained about missing privilege separation folder. Seems it got removed between restarts.

Maybe this is the reason to reinstall sshd?

It also works fine at port 22, I did not have to change port. Is there a reason not to work with password less sudo for the user starting sshd?

As of the latest WSL with Ubuntu 18.04, it is no longer necessary to reinstall the openssh-server. I forget which issue that resolved back when I first made the guide.

Also it is no longer necessary to do privilege separation. Guide has been updated to remove this step

@xlla

This comment has been minimized.

Copy link

commented Mar 13, 2019

it complained about missing privilege separation folder.
I am use @weberjn 's advise, direct all service ssh start and change visudo to add permission to service

@dlardo

This comment has been minimized.

Copy link

commented Mar 29, 2019

In case this helps someone: I couldn't figure out why mine wasn't working until I figured out I had 2 registered distributions of Linux running on my system.

>wslconfig /l
Windows Subsystem for Linux Distributions:
Ubuntu (Default)
Ubuntu-18.04

To set which destination the WSL commands go to, you will want to: wslconfig /setdefault Ubuntu-18.04

@bilbo63

This comment has been minimized.

Copy link

commented Apr 12, 2019

As of Win10 1809 (perhaps earlier?), the wsl.exe command (kind of a replacement for bash.exe) has a "-u" option to specify which "Linux" login should be used. Rather than messing with sudo, why not just use "wsl -u root [linux command here]"? It should make things much simpler.

@edap

This comment has been minimized.

Copy link

commented Apr 25, 2019

It did not work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.