Native Feature of Windows
Microsoft has adopted openssh as Feature / Capability since Windows version 10 / Windows Server 2019. The openssh functionality is delivered in two independent features - client and server. The main benefit for the user is a complex implementation covering the PowerShell module or the Firewall rule. Other important benefit is delivering updates directly over the system update system.
In previous version you could achieve the SSH access by installing the independent build of openssh but this scenario is not covered in this page.
Installation / enabling the service
You can use GUI to enable the feature but there is not one place where all the stuff would be done. Enabling the Feature (Windows 10) or Capability (Windows 2019) is a first step but there is also a need of enabling and starting the system service. Optionally the firewall rule could be checked.
Primary way to configure the system is to use the PowerShell. Adopting openssh as the native feature / capability also covers the implementation of the management of the service into the powershell environment - the PowerShell module is created. It offers the possibility to do all the necessary things from one console at the same time.
To process following commands the PowerShell console should be run with elevated permission (as administrator).
OpenSSH - server
The default shell is cmd.exe but it is possible to change it to the PowerShell.
OpenSSH - client
The global system configuration ( in *nix system ususally located /etc/ssh ) can be found %programdata%/ssh/ ( c:\ProgramData\ssh\ ). There is located configuration file and also the keys (used for the secure communication on server side)
For our purpose we don't need to cover all the options available for openssh. As the build has been customized for the purpose of the integration into the windows system there are some options which can't be used in sshd_config the same way as in the linux system. To see more details please see Microsoft Docs page.
User keys (key authentication)
Default location is in user's home directory in the .ssh folder ( %HOME%\.ssh\authorized_keys ).
administrator access (SSH Keys)
In case the user is a member of the administrator group the key should be placed in the common location instead of user home directory. In this case the location is %programdata%\ssh\administrators_authorized_keys (C:\ProgramData\ssh\administrators_authorized_keys).
To set the proper permission for the file you can use following PowerShell script.