Loosely Decoupled - PowerShell, AWS Automation, DevOps Tutorials

Practical scripts, patterns, and build logs for engineers shipping automation with PowerShell, AWS, DevOps, and infrastructure as code.

Core topics

Loosely Decoupled is a practical engineering notebook for real-world automation. The focus is repeatable scripts, tested deployment patterns, and transparent build logs that show what worked, what failed, and what changed.

Guides

  • PowerShell scripting guides (coming soon)
  • AWS automation playbooks (coming soon)
  • CloudFormation templates and patterns (coming soon)
  • DevOps workflows and release pipelines (coming soon)
  • Infrastructure as Code architecture notes (coming soon)

PowerShell snippet

Example script style you can expect on the site:

# Export stopped services to CSV for quick triage
Get-Service |
  Where-Object Status -eq Stopped |
  Select-Object Name, DisplayName, StartType |
  Export-Csv -Path .\stopped-services.csv -NoTypeInformation

Latest preview

How to Enable OpenSSH on Windows Server 2022 for Secure Remote Administration (Step-by-Step)

Windows Server Administration

Windows Server 2022 | SSH | Secure Shell | System Administration | IT Management | Automation | Security

Note: These steps should be similar on Windows Server 2025, but this walkthrough has only been tested on Windows Server 2022.

In the evolving landscape of IT management, secure and efficient remote access to your servers is critical. With Windows Server 2022, you can enable SSH (Secure Shell) for secure command-line access, facilitating better automation and management. I wanted to try this out recently, to see if it would work with Visual Studio Code's Remote Development Extension. I won't cover that in this post, since I'm still experimenting with it at the time I'm writing this.

This guide will walk you through the process of enabling and configuring the SSH server on your Windows Server 2022.

Why use SSH on Windows Server?

SSH provides a secure channel over an unsecured network, allowing encrypted communication and secure login from a remote computer. It's widely used for remote management and automation, offering numerous benefits:

  • Security: Encrypted connections protect data integrity and confidentiality.
  • Automation: Easily script and automate administrative tasks.
  • Compatibility: Standardized protocol compatible with many tools and platforms.

Step-by-step guide to enable SSH on Windows Server 2022

If you are looking for a fully automated method, see Configuring SSH Access on Windows Server 2022 Using PowerShell.

Step 1: Install OpenSSH Server

  1. Open Windows Settings: Press Win + I to open the Settings app.
  2. Navigate to Apps: Go to Apps > Optional Features.
  3. Add a feature: Click Add a feature.
  4. Install OpenSSH Server: Search for OpenSSH Server, select it, then click Install.

If you are running Server Core, use the PowerShell method below instead of the Settings app.

Or install with PowerShell (Admin):

Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH.Server*'
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

Step 2: Start and configure the SSH service

Open PowerShell as Administrator, then run:

Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'
Get-NetFirewallRule -Name 'OpenSSH-Server-In-TCP'
Set-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -Enabled True

On most Windows Server 2022 systems, the OpenSSH install creates the OpenSSH-Server-In-TCP firewall rule. Only create a new rule if that rule does not exist.

Step 3: Verify SSH configuration

Check service status:

Get-Service -Name sshd

From a remote machine, connect with an SSH client:

ssh username@your_server_ip

Replace username with your Windows account username and your_server_ip with your server's IP address.

Additional configuration

Configuring SSH key-based authentication

Generate SSH keys on your client machine:

ssh-keygen

Then copy the public key contents into the correct authorized keys file on the server:

  • Standard user login: C:\Users\<username>\.ssh\authorized_keys
  • Administrator login with default Windows OpenSSH config: C:\ProgramData\ssh\administrators_authorized_keys

Make sure key files and the .ssh directory have restricted permissions, or OpenSSH may ignore them.

You may also edit C:\ProgramData\ssh\sshd_config for advanced settings, then restart the service:

Restart-Service sshd

Example setting to disable password authentication:

PasswordAuthentication no

Recommended sequence: keep password auth enabled until key-based login is confirmed, then disable password auth.

Security hardening checklist

  • Restrict who can sign in over SSH using AllowUsers or AllowGroups in sshd_config.
  • Avoid using the built-in Administrator account for SSH. Use a named admin account with least privilege.
  • Scope the firewall rule to trusted source IPs instead of opening port 22 globally.
  • Review OpenSSH logs regularly in Event Viewer under Applications and Services Logs > OpenSSH.

Example firewall scoping command:

Set-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -RemoteAddress 203.0.113.10,198.51.100.0/24

Conclusion

Enabling SSH on Windows Server 2022 enhances your ability to manage and automate tasks securely and efficiently. With SSH, you can leverage remote command-line access to improve administrative capabilities and streamline operations.

Get the Ultimate Guide to PowerShell and AWS

Unlock the full potential of PowerShell within the AWS ecosystem with my book, "Pro PowerShell for Amazon Web Services." Dive into a comprehensive resource packed with insights, examples, and practical knowledge designed to help you master automation and management of your AWS environment. Don't miss the opportunity to elevate your skills and streamline your AWS workflows.

Buy "Pro PowerShell for Amazon Web Services" on Amazon.com (affiliate link)

Disclaimer: This link is an Amazon affiliate link. If you make a purchase after clicking it, I may earn a small commission at no additional cost to you. Your support helps me continue creating valuable content.

Starter posts coming soon

  • PowerShell logging patterns for unattended jobs
  • AWS Systems Manager bootstrap workflow
  • CloudFormation nested stacks layout strategy
  • DevOps release checklist for small teams
  • IaC module versioning rules that scale
  • Terraform vs CloudFormation tradeoffs in mixed AWS teams

Contact

emmanueltsouris.com