How to run Ubuntu service on Windows (at startup)?

Solution 1:

Found a tutorial for that by aseering:

This was originally discussed and sorted out by github users imjakey, fpqc, qris, therealkenc, Manouchehri, and aseering (myself) here:

https://github.com/Microsoft/BashOnWindows/issues/612

Note that running sshd has security implications. Until WSL's security model has had longer to bake, you should assume that anyone who can ssh into your Windows box has permission to perform any command as the Windows user running sshd, regardless of Linux-level permissions. (Permissions are probably more restrictive than that in practice, but WSL's initial security model is not intended to be very sophisticated.)

Attempting to aggregate the instructions from github:

  • Generate SSH host keys by running sudo dpkg-reconfigure openssh-server in a bash shell
  • Run sudo nano /etc/ssh/sshd_config; edit the UsePrivilegeSeparation yes line to read UsePrivilegeSeparation no. (This is necessary because UsePrivilegeSeparation uses the chroot() syscall, which WSL doesn't currently support.)
  • While still editing /etc/ssh/sshd_config, you may choose to change PasswordAuthentication no to PasswordAuthentication yes. Otherwise you will have to set up SSH keys.
  • Save /etc/ssh/sshd_config and exit.
  • Run sudo visudo to edit the sudoers file. Add the line

    $USER ALL = (root) NOPASSWD: /usr/sbin/sshd -D
    

    replacing "$USER" with your Linux username. Save and exit. If visudo complains that your changes are invalid, fix them until it reports that they are valid; otherwise you can break sudo on your system!

  • On the Windows side, edit the Windows firewall (and any third-party firewalls that you might be running) to allow incoming traffic on port 22. Because this isn't a super-secure setup, I recommend only allowing incoming traffic from home (private) and domain networks, not from the public Internet.
  • Create a text file autostartssh.vbs in Windows containing the following:

    set ws=wscript.createobject("wscript.shell")
    ws.run "C:\Windows\System32\bash.exe -c 'sudo /usr/sbin/sshd -D'",0
    
    • Double-click on the script. It should start sshd; you should be able to ssh into your Windows machine.
    • Open Windows's Task Scheduler. Add a task that runs autostartssh.vbs on system boot. Use wscript.exe as the command to run and the VBS script location as the parameter.

And that's it -- your Windows computer should be running a Linux openssh server!

Solution 2:

  1. Create a file named wsl_setup.bat and add content as follow

    wsl -u root -e sudo service ssh start
    wsl -u root -e sudo service nginx start
    
  2. Add wsl_setup.bat file to windows startup folder windows-10-change-startup-apps

  3. Restart and log in your windows account (yes, you need to log in)

Solution 3:

I've needed to do the same thing.

Here's how to boot the Ubuntu Linux subsystem with all of cron's services upon the Windows boot & provide a means to 'reboot' the Linux subsystem.

I'm successfully hosting the openssh-server, nginx & mariadb database on our server.

Install Linux Subsystem

  • Open Powershell as Administrator
  • Paste:

    Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
    
  • Install Ubuntu from Windows Store.

Remove sudo password prompt (required)

  • Open bash (Linux Subsystem installs this)
  • Paste:

    sudo sed -i "s/%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD:ALL/g" /etc/sudoers
    

Enable SSH password login (optional)

  • Open bash
  • Paste:

    sudo sed -i '/StrictModes yes/c\StrictModes no' /etc/ssh/sshd_config
    sudo sed -i '/ChallengeResponseAuthentication/c\ChallengeResponseAuthentication no' /etc/ssh/sshd_config
    sudo sed -i '/PasswordAuthentication/c\PasswordAuthentication yes' /etc/ssh/sshd_config
    

Windows autologin on start (required if you have a password or RDP in)

  • Open netplwiz
  • Untick 'Users must enter a username and password...'
  • Open regedit as Administrator
  • Browse to

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    
  • Create a new string DefaultPassword and write the user's password as value.

Run bash/cron loop on start

  • Create a file called linux.bat in shell:startup
  • Paste:

    C:\Windows\System32\bash.exe -c 'while [ true ]; do sudo /usr/sbin/cron -f; done'
    

Add apps/services to startup on cron

  • Open bash
  • sudo crontab -e
  • Select nano (or any editor you know how to save in)
  • Append startup apps such as openssh-server, nginx, mysql, php:

    PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
    @reboot . $HOME/.profile; /usr/sbin/sshd -D
    #@reboot . $HOME/.profile; service php7.1-fpm start # Uncomment for php7.1 fpm
    #@reboot . $HOME/.profile; service mysql start # Uncomment for mysql/mariadb
    #@reboot . $HOME/.profile; service nginx start # Uncomment for nginx
    
  • Save and exit: ctrlx, then press y and enter.

Reboot the Linux subsystem without rebooting Windows

  • Open bash or SSH in

    sudo service ssh restart
    
  • This will close the current instance and create a new one applying cron.

Extra - Install PHP 7.1 (not quite as straight forward)

  • Run the commands below for a pretty standard setup:

    mkdir /run/php && chmod -R 777 /run/php
    sudo add-apt-repository ppa:ondrej/php && sudo apt update
    PHPV=7.1 && sudo apt install --allow-unauthenticated -y php${PHPV}-fpm php${PHPV}-gd php${PHPV}-json php${PHPV}-mysqlnd php${PHPV}-curl php${PHPV}-intl php${PHPV}-mcrypt php${PHPV}-imagick php${PHPV}-zip php${PHPV}-xml php${PHPV}-mbstring
    
  • Run the command below for an 'OwnCloud' setup:

    PHPV=7.1 && apt install --allow-unauthenticated -y php${PHPV}-redis redis-server php${PHPV}-ldap php${PHPV}-smbclient
    

Extra - Install nginx webserver

  • Run the commands below for a base setup with PHP7.1:

    sudo add-apt-repository ppa:nginx/stable
    sudo apt update && sudo apt -y install nginx
    sudo sed -i 's:access_log /var/log/nginx/access.log;:access_log off;:g' /etc/nginx/nginx.conf
    sudo sed -i '/index index.html/c\\tindex index.html index.php index.htm index.nginx-debian.html;' /etc/nginx/sites-available/default
    STR='}\n\n\tlocation ~ \.php$ {\n\t\tinclude snippets\/fastcgi-php.conf;\n\t\tfastcgi_pass unix:\/var\/run\/php\/php7.1-fpm.sock;\n\t}'
    sudo sed -i "0,/}/s//$STR\n/" /etc/nginx/sites-available/default
    sudo service nginx restart
    

Extra - Install mariadb's mysql database

  • Run the commands below for a mysql database server:

    RELEASE=`lsb_release -a | tail -1 | cut -f2`
    sudo apt install software-properties-common
    sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
    sudo add-apt-repository "deb [arch=i386,amd64,ppc64el] https://mirrors.evowise.com/mariadb/repo/10.3/ubuntu $RELEASE main"
    sudo apt update && sudo apt --allow-unauthenticated -y install mariadb-server
    
  • When prompted, set a root database user password.

Solution 4:

@Poma and @Hintron answers are great.

I would like to extend description of last point how to add ssh task in Windows Task Scheduler as it requires switching some options:

  • Run "Task Scheduler". On the left list select "Task Scheduler (Local)", then go to "Action" menu and "Create Task".
  • General tab:
    • Name: "ssh"
    • Select "Run whether user is logged on or not"
  • Triggers tab:
    • New
      • Begin the task: "At startup"
  • Actions tab:
    • New
      • Program/script: C:\Windows\System32\bash.exe
      • Add arguments (optional): -c "sudo /usr/sbin/service ssh start"
  • Conditions:
    • Unselect "Start the task only if the computer is on AC power
  • Settings
    • Unselect "Stop the task if it runs longer than

It is used direct bash invocation. There is no need to wrap it in vbs or powershell scripts.

I use service command for reasons that @Hintron explained. Additionally direct sshd invocation gives error

Missing privilege separation directory: /var/run/sshd

In such case it should be added this entry by sudo visudo command

ALL ALL = (root) NOPASSWD: /usr/sbin/service ssh *

Also notice that here all users (first column) can start or stop sshd. If your are only one user of this Windows machine, then it should be fine.