enable-ssh
Architecture: any
Architecture: any
Architecture: any
Architecture: any
name: enable-ssh
fodder:
- name: ssh-server
type: shellscript
fileName: enable_sshd.ps1
content: |
#ps1_sysnative
$ErrorActionPreference = 'Stop'
if ([System.Environment]::OSVersion.Version.Build -lt 17763) {
Write-Output "OpenSSH Server capability only exists in Windows 1809 or newer."
exit -1
}
$null = Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
# Make sure the sshd service exists
if (!(Get-Service sshd -ErrorAction SilentlyContinue)) {
Write-Output "sshd service does not exist, you may have to install OpenSSH manually."
exit -1
}
# Start the sshd service
Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'
# Confirm the Firewall rule is configured. It should be created automatically by the setup.
if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue)) {
Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
} else {
Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
# Enable for all network profiles. Windows Server 2025 only allows private networks by default.
Set-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -Profile 'Any'
# Explicitly enable the firewall rule just in case
Enable-NetFirewallRule -Name 'OpenSSH-Server-In-TCP'
}