Securely SSH from Windows to an Ubuntu VM (No Passwords, No Root Login)
If you’re running Ubuntu in VMware on Windows, you’ve probably hit that moment where copy-pasting commands feels clunky and you just want proper terminal access. In this guide, I’ll show you how to SSH into your Ubuntu VM from Windows PowerShell, then lock it down with SSH keys so you can ditch passwords and disable root login—clean, simple, and secure.
My VM IP:
192.168.45.100
1️⃣ Install & Start SSH on Ubuntu VM
On Ubuntu VM:
sudo apt update
sudo apt install -y openssh-server
sudo systemctl enable ssh
sudo systemctl start ssh
📌 This installs the SSH server and makes sure it starts automatically on boot.
Verify:
sudo systemctl status ssh
Expected: active (running)
2️⃣ Find the VM IP Address
ip a
I found:
inet 192.168.45.100/24
📌 This is the IP you connect to from Windows.
3️⃣ Connect from Windows PowerShell (first time)
On Windows (PowerShell):
ssh alok@192.168.45.100
First-time prompt:
Are you sure you want to continue connecting (yes/no)?
I typed:
yes
📌 This trusts the VM’s SSH fingerprint and saves it to known_hosts.
4️⃣ Set Up Passwordless Login (SSH Keys)
Windows doesn’t have ssh-copy-id, so I used a one-liner.
On Windows (PowerShell):
type $env:USERPROFILE\.ssh\id_ed25519.pub | ssh alok@192.168.45.100 "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
📌 This copied your Windows public key into:
~/.ssh/authorized_keys
Result:
ssh alok@192.168.45.100
→ Logged in without a password 🎉
5️⃣ Verify SSH Keys on Ubuntu
cat ~/.ssh/authorized_keys
I saw:
ssh-rsa ...(older key)ssh-ed25519 ... alok@DESKTOP-381CHVR(my Windows key)
📌 This confirms key-based authentication is active.
Fix permissions (important for SSH security):
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
6️⃣ Harden SSH Security (Key-only, No Root Login)
I updated /etc/ssh/sshd_config with a secure full config.
Backup first:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
Edit config:
sudo vim /etc/ssh/sshd_config
Key security settings I applied:
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
KbdInteractiveAuthentication no
UsePAM yes
PermitRootLogin no
AllowUsers alok
📌 This means:
✅ Only SSH keys allowed
❌ No password login
❌ No root login
🔒 Only user
alokcan SSH
Restart SSH:
sudo systemctl restart ssh
7️⃣ Test After Hardening
From Windows:
ssh alok@192.168.45.100
✅ Works
❌ Password login disabled
❌ Root login disabled
Verify config:
sudo sshd -T | grep -i passwordauthentication
Expected:
passwordauthentication no
🔐 Final Security State
| Feature | Status |
|---|---|
| SSH access | ✅ Enabled |
| Password login | ❌ Disabled |
| Key-based login | ✅ Enabled |
| Root login | ❌ Disabled |
| User restriction | ✅ Only alok
|
| Known host verification | ✅ Trusted |
| SSH auto-start on boot | ✅ Enabled |
🎯 You now have a proper “real-world” SSH setup
This is the same way servers are accessed in production environments.
You basically built a mini DevOps-grade VM setup on your laptop 💪
Top comments (0)