How do I install and enable OpenSSH?

How do I install and enable OpenSSH?

Purpose

OpenSSH is a secure connectivity tool for remote sign-in using the SSH protocol. It encrypts all traffic between the client and server, preventing data leaks and malicious attacks.

ActiveProtect requires OpenSSH to back up SQL/Oracle databases and execute scripts. This article will guide you through how to install and enable OpenSSH.

Resolution

Windows

Before you start

  1. Launch Windows PowerShell as an administrator.
  2. Run the following command to check if the OpenSSH server is already installed:
    get-service sshd
  3. Based on the output:

Install OpenSSH server

Modern Windows versions include OpenSSH as an optional feature. Follow these steps to install it:

  1. Check if OpenSSH is available on your system by running:
    Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*
  2. Based on the output:
    • If OpenSSH is listed, note the exact service name and install it using:
      Add-WindowsCapability -Online -Name Exact Service Name
    • If no OpenSSH services are displayed, your Windows version does not include OpenSSH. Download the MSI file from the Windows Github repository and install it using:
      msiexec /i MSI File Path
    • If an error message appears, your virtual machine may not be connected to the Internet. Refer to the Windows documentation to determine whether you can install it directly or need to use GitHub.

Enable OpenSSH

  1. Once installed, set OpenSSH to start automatically:
    Get-Service sshd | Set-Service -StartupType Automatic -PassThru
    Start-Sevice sshd
  2. To verify if OpenSSH is running, use:
    get-service sshd

Linux

OpenSSH server is built into most Linux distributions and can be easily installed with a simple command:

  • Ubuntu/Debian
    sudo apt-get install openssh-server
  • Arch
    sudo pacman -S openssh
  • Red Hat
    yum install openssh-server

Check your OpenSSH Port

By default, SSH connections use port 22. However, if you've customized the settings, SSH may be using a different port. To check which port is currently in use, try one of the following methods:

Method 1: Check configuration files

  1. Open the SSH configuration file:
    • Windows: %programdata%/ssh/sshd_config
    • Linux: /etc/ssh/sshd_config
  2. Locate the Port setting in the file. If no port is specified, the default port 22 is in use. If there are multiple port statements, they indicate your custom port settings. Note that any line starting with # is not in effect.

Method 2: Run a command

  • Windows: Run the following command in PowerShell. If a customized port number is set, it will be displayed in the output. If there's no output, the default port 22 is being used.
    Select-String -Path "sshd_config" -Pattern "^Port" | ForEach-Object { $_.Line.Split()[1] }
  • Linux: Run the following command in Terminal. If a customized port number is set, it will be displayed in the output. If there's no output, the default port 22 is being used.
    grep -i '^port' /etc/ssh/sshd_config | awk '{print $2}'

Update port number in ActiveProtect

If SSH is set to use a non-default port, you must input this port number into ActiveProtect to ensure backup jobs function properly.

  1. Select the target virtual machines.
  2. Click on More and then select Specify credentials.
  3. On the Guest OS Credentials tab, enter the custom port number under Microsoft Hyper-V Information.
Purpose
Resolution
Windows
Linux
Check your OpenSSH Port