Category: Windows
You can SSH into WSL from another machine by port forwarding SSH traffic to the Windows host using netsh and punching a hole in the Windows firewall. This example will map port 22 on the WSL instance to port 7222 on the Windows host and enable password authentication.
Note: Password authentication is an alternative to SSH public key authentication.
Configure SSH on WSL to prompt for a password by editing /etc/ssh/sshd_config ensuring the following value is set to disallow sending clear text passwords:
PasswordAuthentication noEnable challenge-response password authentication for SSH:
ChallengeResponseAuthentication yesCheck the status of SSH on the WSL instance:
sudo service ssh statusIf required, restart the SSH daemon to ensure any changes are committed:
sudo service ssh restartTo map port 22 on the WSL IP Address running at 172.18.80.220 to port 7222 on Windows, run the following PowerShell command on your Windows machine:
netsh interface portproxy add v4tov4 listenport=7222 listenaddress=0.0.0.0 connectport=22 connectaddress=172.18.80.220Note: The assigned IP address proxied using netsh for a WSL instance needs to be set when the WSL instance restarts.
Allow SSH traffic over port 7222 using netsh:
netsh advfirewall firewall add rule name=”Open the SSH Port for WSL” dir=in action=allow protocol=TCP localport=7222Connect to the WSL instance using SSH on port 7222. In the following command, the username for the WSL Linux account is joesoap and the IP address specified is for the Windows machine:
ssh [email protected] -p7222You will be prompted to enter your password.