Johngai’s Tech Forge

Crafting the Future with AI and IoT

How to Setup and Enable SSH on WSL and Access from Other Computers

In this guide, we’ll walk you through setting up SSH on Windows Subsystem for Linux (WSL) so that you can access your WSL instance from other computers, either on your local network or over the internet. We’ll cover everything from installing and configuring the SSH service to dealing with common errors like ssh.socket failures, port mapping, and IP address issues.

Prerequisites:

  • WSL 2 installed (WLS 2 is recommended for better networking support).
  • Windows 10/11 with the latest updates.
  • Basic familiarity with Linux commands.

Step 1: Install the OpenSSH Server on WSL

Before you can access your WSL environment via SSH, you need to install the OpenSSH server in your WSL instance. Follow these steps:

  1. Open your WSL terminal (Ubuntu, Debian, or any other distribution you’re using).

  2. Install OpenSSH by running the following command:

    sudo apt update
sudo apt install openssh-server

  3. Check the status of the SSH service:

    sudo service ssh status

    You should see an output like:

    Active: inactive (dead)

    If it’s inactive, don’t worry—we’ll configure it shortly.

Step 2: Enable and Start the SSH Service

Now that you’ve installed SSH, you need to start and enable the service to allow remote connections:

  1. Start the SSH service:

    sudo service ssh start

  2. Enable the SSH service so that it starts automatically when you launch WSL:

    sudo systemctl enable ssh

  3. Verify the SSH service status:

    sudo systemctl status ssh

    The service should show as “active” once it’s running.

Step 3: Deal with ssh.socket Error (If It Happens)

You may encounter an error like Dependency failed for ssh.service - OpenBSD Secure Shell server, which is usually related to the ssh.socket. Here’s how to handle it:

  1. Check the status of ssh.socket:

    sudo systemctl status ssh.socket

    If it’s not active, run the following to start it:

    sudo systemctl start ssh.socket

  2. Enable the ssh.socket so that it starts automatically with the SSH service:

    sudo systemctl enable ssh.socket

  3. Restart the SSH service after enabling the socket:

    sudo systemctl restart ssh

This should resolve the issue with ssh.socket.

Step 4: Configure SSH to Listen on All IPs (Optional for WSL 2)

By default, WSL 2 uses a virtualized network, meaning that the IP address of your WSL instance is not the same as your Windows IP. To allow SSH access from other computers, you’ll need to ensure that your WSL instance listens on all IP addresses.

  1. Find your WSL IP address (if you’re using WSL 2):

    ip addr show eth0

    The IP will usually be in the 172.x.x.x range. Note this IP address for later.

  2. Update your SSH configuration to allow connections from any IP address. Open the SSH configuration file:

    sudo nano /etc/ssh/sshd_config

  3. Find the line with #ListenAddress 0.0.0.0 (it may be commented out) and make sure it’s set to listen on all addresses:

    ListenAddress 0.0.0.0

  4. Restart the SSH service after making changes:

    sudo systemctl restart ssh

This will allow SSH to accept connections from any IP.

Step 5: Set Up Port Mapping to Access SSH from Other Computers

Now, you need to map the SSH port from your Windows machine to your WSL instance. Since WSL 2 uses a virtualized network, you need to forward the SSH port (default 22) to the correct WSL IP address.

  1. Open PowerShell as Administrator.

  2. Set up port forwarding to forward traffic from your Windows machine’s port 2222 to WSL’s port 22:

    netsh interface portproxy add v4tov4 listenport=2222 listenaddress=0.0.0.0 connectport=22 connectaddress=

    Replace “ with the IP address you found earlier (e.g., 172.x.x.x).

  3. Allow port 2222 through the Windows firewall (if necessary):

    New-NetFirewallRule -DisplayName "Allow SSH on port 2222" -Direction Inbound -Protocol TCP -Action Allow -LocalPort 2222

Now, SSH traffic sent to port 2222 on your Windows machine will be forwarded to your WSL instance’s port 22.

Step 6: Access Your WSL Instance from Another Computer

Once everything is set up, you can access your WSL instance via SSH from another machine. Here’s how:

  1. Find your Windows machine’s IP address. You can do this by running ipconfig in PowerShell or Command Prompt on your Windows machine. Look for the IPv4 Address.

  2. SSH into your WSL instance from a remote machine (or from the same machine but using localhost):

    ssh -p 2222 @

    Replace with your WSL username and with the IP address of your Windows machine. For example:

    ssh -p 2222 user@192.168.1.100

    You should now be able to log into your WSL instance via SSH from another machine.

Step 7: Troubleshoot Common Issues

1. Port Conflicts

If you can’t connect, it could be due to port conflicts. Check if port 2222 is already in use:

sudo lsof -i :2222

If another service is using the port, either stop that service or choose a different port number for SSH.

2. WSL IP Address Changes

Each time you restart your machine, your WSL instance might get a different IP address (especially in WSL 2). To handle this, you can set up a script to update the port forwarding automatically on boot.

Alternatively, you can use a static IP or a local hostname to connect to your WSL instance.

3. Firewall Issues

Ensure that both your Windows firewall and any firewall on the remote machine are not blocking the SSH port (2222).

Cheat Sheet: Useful Systemd and Networking Commands for Managing SSH in WSL

1. Managing SSH Service

  • Start SSH service:

    sudo systemctl start ssh

  • Stop SSH service:

    sudo systemctl stop ssh

  • Restart SSH service:

    sudo systemctl restart ssh

  • Check SSH service status:

    sudo systemctl status ssh

  • Enable SSH to start at boot:

    sudo systemctl enable ssh

  • Disable SSH from starting at boot:

    sudo systemctl disable ssh

2. Managing SSH Socket

  • Start SSH socket:

    sudo systemctl start ssh.socket

  • Check SSH socket status:

    sudo systemctl status ssh.socket

  • Enable SSH socket to start at boot:

    sudo systemctl enable ssh.socket

3. Managing Port Forwarding on Windows (via PowerShell)

  • Add a new port forwarding rule (forward Windows port 2222 to WSL’s SSH port):

    netsh interface portproxy add v4tov4 listenport=2222 listenaddress=0.0.0.0 connectport=22 connectaddress=

  • Delete a port forwarding rule:

    netsh interface portproxy delete v4tov4 listenport=2222 listenaddress=0.0.0.0

  • Check existing port mappings:

    netsh interface portproxy show all

  • Allow a port through the Windows firewall:

    New-NetFirewallRule -DisplayName "Allow SSH on port 2222" -Direction Inbound -Protocol TCP -Action Allow -LocalPort 2222

Conclusion

With SSH enabled in your WSL instance, you can now remotely access your Linux environment from other computers. By following these steps, you’ve installed the SSH server, managed the ssh.socket error, set up port mapping, and resolved common IP address issues for WSL 2.

Leave a comment