How to run Ubuntu service on Windows (at startup)?
Solution 1:
Found a tutorial for that by aseering:
This was originally discussed and sorted out by github users imjakey, fpqc, qris, therealkenc, Manouchehri, and aseering (myself) here:
https://github.com/Microsoft/BashOnWindows/issues/612
Note that running sshd has security implications. Until WSL's security model has had longer to bake, you should assume that anyone who can ssh into your Windows box has permission to perform any command as the Windows user running sshd, regardless of Linux-level permissions. (Permissions are probably more restrictive than that in practice, but WSL's initial security model is not intended to be very sophisticated.)
Attempting to aggregate the instructions from github:
- Generate SSH host keys by running
sudo dpkg-reconfigure openssh-server
in a bash shell - Run
sudo nano /etc/ssh/sshd_config
; edit theUsePrivilegeSeparation yes
line to readUsePrivilegeSeparation no
. (This is necessary becauseUsePrivilegeSeparation
uses thechroot()
syscall, which WSL doesn't currently support.) - While still editing
/etc/ssh/sshd_config
, you may choose to changePasswordAuthentication no
toPasswordAuthentication yes
. Otherwise you will have to set up SSH keys. - Save
/etc/ssh/sshd_config
and exit. -
Run
sudo visudo
to edit the sudoers file. Add the line$USER ALL = (root) NOPASSWD: /usr/sbin/sshd -D
replacing "$USER" with your Linux username. Save and exit. If visudo complains that your changes are invalid, fix them until it reports that they are valid; otherwise you can break sudo on your system!
- On the Windows side, edit the Windows firewall (and any third-party firewalls that you might be running) to allow incoming traffic on port 22. Because this isn't a super-secure setup, I recommend only allowing incoming traffic from home (private) and domain networks, not from the public Internet.
-
Create a text file
autostartssh.vbs
in Windows containing the following:set ws=wscript.createobject("wscript.shell") ws.run "C:\Windows\System32\bash.exe -c 'sudo /usr/sbin/sshd -D'",0
- Double-click on the script. It should start sshd; you should be able to ssh into your Windows machine.
- Open Windows's Task Scheduler. Add a task that runs
autostartssh.vbs
on system boot. Usewscript.exe
as the command to run and the VBS script location as the parameter.
And that's it -- your Windows computer should be running a Linux openssh server!
Solution 2:
-
Create a file named
wsl_setup.bat
and add content as followwsl -u root -e sudo service ssh start wsl -u root -e sudo service nginx start
Add
wsl_setup.bat
file to windows startup folder windows-10-change-startup-appsRestart and log in your windows account (yes, you need to log in)
Solution 3:
I've needed to do the same thing.
Here's how to boot the Ubuntu Linux subsystem with all of cron's services upon the Windows boot & provide a means to 'reboot' the Linux subsystem.
I'm successfully hosting the openssh-server, nginx & mariadb database on our server.
Install Linux Subsystem
- Open Powershell as Administrator
-
Paste:
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
Install Ubuntu from Windows Store.
Remove sudo password prompt (required)
- Open bash (Linux Subsystem installs this)
-
Paste:
sudo sed -i "s/%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD:ALL/g" /etc/sudoers
Enable SSH password login (optional)
- Open bash
-
Paste:
sudo sed -i '/StrictModes yes/c\StrictModes no' /etc/ssh/sshd_config sudo sed -i '/ChallengeResponseAuthentication/c\ChallengeResponseAuthentication no' /etc/ssh/sshd_config sudo sed -i '/PasswordAuthentication/c\PasswordAuthentication yes' /etc/ssh/sshd_config
Windows autologin on start (required if you have a password or RDP in)
- Open netplwiz
- Untick 'Users must enter a username and password...'
- Open regedit as Administrator
-
Browse to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Create a new string
DefaultPassword
and write the user's password as value.
Run bash/cron loop on start
- Create a file called
linux.bat
inshell:startup
-
Paste:
C:\Windows\System32\bash.exe -c 'while [ true ]; do sudo /usr/sbin/cron -f; done'
Add apps/services to startup on cron
- Open bash
sudo crontab -e
- Select nano (or any editor you know how to save in)
-
Append startup apps such as openssh-server, nginx, mysql, php:
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin @reboot . $HOME/.profile; /usr/sbin/sshd -D #@reboot . $HOME/.profile; service php7.1-fpm start # Uncomment for php7.1 fpm #@reboot . $HOME/.profile; service mysql start # Uncomment for mysql/mariadb #@reboot . $HOME/.profile; service nginx start # Uncomment for nginx
Save and exit: ctrlx, then press y and enter.
Reboot the Linux subsystem without rebooting Windows
-
Open bash or SSH in
sudo service ssh restart
This will close the current instance and create a new one applying cron.
Extra - Install PHP 7.1 (not quite as straight forward)
-
Run the commands below for a pretty standard setup:
mkdir /run/php && chmod -R 777 /run/php sudo add-apt-repository ppa:ondrej/php && sudo apt update PHPV=7.1 && sudo apt install --allow-unauthenticated -y php${PHPV}-fpm php${PHPV}-gd php${PHPV}-json php${PHPV}-mysqlnd php${PHPV}-curl php${PHPV}-intl php${PHPV}-mcrypt php${PHPV}-imagick php${PHPV}-zip php${PHPV}-xml php${PHPV}-mbstring
-
Run the command below for an 'OwnCloud' setup:
PHPV=7.1 && apt install --allow-unauthenticated -y php${PHPV}-redis redis-server php${PHPV}-ldap php${PHPV}-smbclient
Extra - Install nginx webserver
-
Run the commands below for a base setup with PHP7.1:
sudo add-apt-repository ppa:nginx/stable sudo apt update && sudo apt -y install nginx sudo sed -i 's:access_log /var/log/nginx/access.log;:access_log off;:g' /etc/nginx/nginx.conf sudo sed -i '/index index.html/c\\tindex index.html index.php index.htm index.nginx-debian.html;' /etc/nginx/sites-available/default STR='}\n\n\tlocation ~ \.php$ {\n\t\tinclude snippets\/fastcgi-php.conf;\n\t\tfastcgi_pass unix:\/var\/run\/php\/php7.1-fpm.sock;\n\t}' sudo sed -i "0,/}/s//$STR\n/" /etc/nginx/sites-available/default sudo service nginx restart
Extra - Install mariadb's mysql database
-
Run the commands below for a mysql database server:
RELEASE=`lsb_release -a | tail -1 | cut -f2` sudo apt install software-properties-common sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8 sudo add-apt-repository "deb [arch=i386,amd64,ppc64el] https://mirrors.evowise.com/mariadb/repo/10.3/ubuntu $RELEASE main" sudo apt update && sudo apt --allow-unauthenticated -y install mariadb-server
When prompted, set a root database user password.
Solution 4:
@Poma and @Hintron answers are great.
I would like to extend description of last point how to add ssh task in Windows Task Scheduler as it requires switching some options:
- Run "Task Scheduler". On the left list select "Task Scheduler (Local)", then go to "Action" menu and "Create Task".
- General tab:
- Name: "ssh"
- Select "Run whether user is logged on or not"
- Triggers tab:
- New
- Begin the task: "At startup"
- New
- Actions tab:
- New
- Program/script: C:\Windows\System32\bash.exe
- Add arguments (optional): -c "sudo /usr/sbin/service ssh start"
- New
- Conditions:
- Unselect "Start the task only if the computer is on AC power
- Settings
- Unselect "Stop the task if it runs longer than
It is used direct bash invocation. There is no need to wrap it in vbs or powershell scripts.
I use service command for reasons that @Hintron explained. Additionally direct sshd invocation gives error
Missing privilege separation directory: /var/run/sshd
In such case it should be added this entry by sudo visudo
command
ALL ALL = (root) NOPASSWD: /usr/sbin/service ssh *
Also notice that here all users (first column) can start or stop sshd. If your are only one user of this Windows machine, then it should be fine.