Configure SSH server with FreeSSHd on Windows for secure connection

FreeSSHd is a complete software that will allow us to set up an SSH and SFTP server on our Windows operating system. This program is completely free, and it’s the easiest and fastest way to set up an SSH server on your computer. In addition, if you want to transfer files securely using AES for file transfer, you can use the integrated SFTP server in this software. Today in this article we are going to explain how to download, install and use it, since we have quite a few advanced configuration options, ideal for configuring the server in detail.

Configure SSH server with FreeSSHd on Windows for secure connection

Download and installation

The first thing you need to do is download the FreeSSHd software from the official website. Once you are in the download menu of the program, you will be able to see the version of FreeSSHd which is 1.3.1, you can also download the popular FTP server called FreeFTPd which is very easy to install and use. In the following image you can see the download of both software:

The installation wizard of this program is exactly the same as any other software. We have to click on «Next», define the location of the installation, if we want the complete installation, give it a name for the programs section, if we want to create an icon on the desktop and a summary of the previously made configurations. Finally, we have to click on the “Install” section to proceed with the installation.

The installation wizard will ask us if we want to create the private keys for the SSH, click on “Yes” to create them automatically and without having to do anything else. It will also ask us if we want to use this program as a system service, we click on “Yes” so that it starts with the operating system, otherwise, we can click on “No”.

As you can see, downloading and installing this program is really simple. Now we are going to see all the configuration options that we have available in this complete program.

 

Configuration options

In the first menu of FreeSSDd we are going to find the state of the SSH and Telnet server, by default, the Telnet protocol is deactivated for security reasons, and we do not recommend activating it under any circumstances, you always have to use SSH because all traffic it is correctly encrypted and authenticated.

In the “Telnet” tab we can configure where we want the Telnet server to listen, the TCP port used, the maximum number of concurrent connections, the timeout in case of not sending commands, and also if we want to put a welcome message. Finally, we have the possibility to choose the shell, by default it is cmd.exe but we can also choose Powershell, in addition, we can enable Telnet at the beginning of the program.

In the « SSH » tab is where we have everything related to the SSH protocol, we can make the following settings:

  • Listening address : by default it is listening on all physical and virtual network interfaces, here we can choose that it only listens on a certain interface.
  • Port : by default the port is TCP 22, but we can change it to the port we want.
  • Maximum number of connections : if we leave it at 0 it means unlimited number of connections.
  • Idle timeout : the time the server waits before cutting the connection if we do not exchange data, by default it is unlimited (0).
  • Banner message : We can put a message for SSH clients connecting to the server.
  • Command Shell : command shell to use, by default it is cmd.exe although we can also use Powershell. Other options are to start the SSH server when we start freeSSHd.
  • Keys : we can configure new cryptographic keys, be they RSA, DSA and also ECDSA if we want. The most recommended is to use the ECDSA keys that are the safest and fastest.

In the “Authentication” tab we have the location of the public cryptographic keys that will be exchanged with the clients, we also have the possibility of configuring password-based authentication (disabled, allowed or required), in addition, we also have the possibility of configuring the public key authentication. In “Encryption” we have the different ciphers that we allow for SSH clients, the safest thing is to use AES in any of its versions, we do not recommend using the rest of the symmetric encryption algorithms, because they are insecure or not secure enough for something so important as the SSH protocol. In the “Tunneling” section we have the possibility to enable local port forwarding and also remote port forwarding, this will allow us to make SSH tunnels which is like a kind of VPN but using the SSH protocol instead of a virtual private network type OpenVPN or wireguard. In the “SFTP” menu is where we have the path of the folder that will appear when connecting with any SFTP client such as FileZilla.

User management is one of the most important aspects, in this case, in the ” Users ” section is where we can add, change or delete the different users we have. When adding a new user, we have to enter the name, the type of authorization (NT authentication, password or public key for SSH only). We can also configure if we want the user to use the shell, use SFTP or Tunneling. Shell and SFTP permissions should generally be given, although optionally you can also do SSH tunnels.

In the “Host restrictions” section we have the possibility to allow only the IP addresses that we have in the list, we can configure wildcard without problems. We can also configure the blacklist, all the IPs in the list will be automatically blocked. In the “Logging” tab we have the possibility to configure the logs of the freeSSHd program, and we can even resolve the IP addresses in hostnames to facilitate the reading of the logs. In the “Online Users” menu we have the possibility to see in real time which user or users are currently connected to the program’s SSH server.

Now that we have seen all the configuration options of the program, and we have created a user to connect locally or remotely to our computer with the SSH server, we are going to show you how to connect with the popular PuTTY program.

 

SSH and SFTP connection

PuTTY is one of the most popular and used programs for SSH client, Telnet client and even to connect to a router or switch by console. In our case, we have entered the private IP address of the computer where we have configured freeSSHd as a system service, we have also entered the port number, 22, the default port. We have had to configure the username and password, and provide “Shell” permissions and also “SFTP” permissions as we have explained previously.

When connecting, it will tell us that we must accept the public key, and that the key is not recognized because we have never connected, so be careful when accepting the key. Once accepted, we proceed to enter the username and password that we have previously registered in the program, once we connect, we will be able to see the terminal (cmd.exe) via SSH in our PuTTY client.

The process to connect via SFTP is similar, in this case we can use a program like WinSCP that supports the SCP and SFTP protocol, or use the popular FileZilla Client program that also supports SFTP. In this case, we enter the sftp://IP address, we put the username and password that we have previously created, the port number 22 and click on «Quick connection». Once we have connected, we can see the directory tree and proceed with the copy of the files.

As you have seen, the connection of an SSH and SFTP client to the server configured with FreeSSHd is very easy and fast, we will only need to configure certain parameters on the server so that the clients connect easily and without problems.