OpenSSH not accepting my login password
Solution 1
I haven't set up any password for the SSH server yet. What is the default password for the server?
There isn't one.
Whenever I am trying to login into the server, I am asked for a password. I have only configured a single password for my Windows 10 PC, and that is the password of my Microsoft account. But, the server denies access with that password.
You are attempting to connect with the incorrect username. You should be using ssh Machine_Name\Username@localhost
to connect to the server.
Why do I need to give the \USER part?
You have to explicitly indicate which username you want to use in order to connect to the OpenSSH Server. You also indicated you used the syntax, ssh <my_name>@localhost
, which indicates the username was the name of your machine instead of your actual username.
Since <my_name>
isn't an actual username on the machine, the password authentication was failing, you actually have to use Username
and explicitly indicate it's on the machine Machine_Name\Username
.
The output of [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
will indicate what should be used.
Solution 2
Another reason why it may not accept a valid username and password is if the configured shell is wrong.
You can check which it is with
reg query HKLM\SOFTWARE\OpenSSH /v DefaultShell
To set it to Powershell, if you have it in the default directory:
reg add HKLM\SOFTWARE\OpenSSH /v DefaultShell /d C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe
Related videos on Youtube
Puspam
Updated on September 18, 2022Comments
-
Puspam over 1 year
I have successfully set up OpenSSH server and client running through the Windows 10 optional features section.
Whenever I am trying to login into the server, I am asked for a password. I have only configured a single password for my Windows 10 PC, and that is the password of my Microsoft account. But, the server denies access with that password. I haven't set up any password for the SSH server yet.
What is the default password for the server?Here are the contents of the
sshd_config
file in%PROGRAMDATA%\ssh\
folder :# This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options override the # default value. #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: #HostKey __PROGRAMDATA__/ssh/ssh_host_rsa_key #HostKey __PROGRAMDATA__/ssh/ssh_host_dsa_key #HostKey __PROGRAMDATA__/ssh/ssh_host_ecdsa_key #HostKey __PROGRAMDATA__/ssh/ssh_host_ed25519_key # Ciphers and keying #RekeyLimit default none # Logging #SyslogFacility AUTH #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin prohibit-password #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 #PubkeyAuthentication yes # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 # but this is overridden so installations will only check .ssh/authorized_keys AuthorizedKeysFile .ssh/authorized_keys #AuthorizedPrincipalsFile none # For this to work you will also need host keys in %programData%/ssh/ssh_known_hosts #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no #PermitTTY yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #PermitUserEnvironment no #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS no #PidFile /var/run/sshd.pid #MaxStartups 10:30:100 #PermitTunnel no #ChrootDirectory none #VersionAddendum none # no default banner path #Banner none # override default of no subsystems Subsystem sftp sftp-server.exe # Example of overriding settings on a per-user basis #Match User anoncvs # AllowTcpForwarding no # PermitTTY no # ForceCommand cvs server
This is the output of
Get-NetFirewallRule -Name *ssh*
:Name : OpenSSH-Server-In-TCP DisplayName : OpenSSH SSH Server (sshd) Description : Inbound rule for OpenSSH SSH Server (sshd) DisplayGroup : OpenSSH Server Group : OpenSSH Server Enabled : True Profile : Any Platform : {} Direction : Inbound Action : Allow EdgeTraversalPolicy : Block LooseSourceMapping : False LocalOnlyMapping : False Owner : PrimaryStatus : OK Status : The rule was parsed successfully from the store. (65536) EnforcementStatus : NotApplicable PolicyStoreSource : PersistentStore PolicyStoreSourceType : Local Name : SshProxy-Service DisplayName : SshProxy-Service-Private Description : SSH Server Proxy Service DisplayGroup : Ssh Server Group : Ssh Server Enabled : True Profile : Private Platform : {} Direction : Inbound Action : Allow EdgeTraversalPolicy : Block LooseSourceMapping : False LocalOnlyMapping : False Owner : PrimaryStatus : OK Status : The rule was parsed successfully from the store. (65536) EnforcementStatus : NotApplicable PolicyStoreSource : PersistentStore PolicyStoreSourceType : Local Name : SshProxy-Service-Domain DisplayName : SshProxy-Service-Domain Description : SSH Server Proxy Service DisplayGroup : Ssh Server Group : Ssh Server Enabled : True Profile : Domain Platform : {} Direction : Inbound Action : Allow EdgeTraversalPolicy : Block LooseSourceMapping : False LocalOnlyMapping : False Owner : PrimaryStatus : OK Status : The rule was parsed successfully from the store. (65536) EnforcementStatus : NotApplicable PolicyStoreSource : PersistentStore PolicyStoreSourceType : Local
Output of
[System.Security.Principal.WindowsIdentity]::GetCurrent().Name
:<my_name>\USER
-
Ramhound over 4 yearsThere isn't a default password. You can only access the machine using an account that exists on the machine with OpenSSH Server installed on it.
-
JW0914 over 2 yearsSSHing via a password isn't that secure - generate a PKI key pair via
ssh-keygen
, encrypt the private key with a passphrase, add it to your user's~\.ssh\authorized_keys
, and use it to login. -
Admin almost 2 yearsHey, is your issue solved?
-
-
vaughan about 2 yearsWhat if you use a pin to login and your Microsoft account login?