See these pages for more details about Network Shell (Netsh):
https://learn.microsoft.com/en-us/windows-server/networking/technologies/netsh/netsh-interface-portproxy
https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/netsh-advfirewall-firewall-control-firewall-behavior
Make sure that you have installed Windows Subsystem for Linux (WSL 2):
Install Windows Subsystem for Linux (WSL 2)
To SSH into your Linux distro (WSL 2) from a remote machine, follow these steps:
- Install OpenSSH Server in your Linux distro.
Connect to your Linux distro. Enter: sudo apt install openssh-server
If not already installed, it may be useful to install the "net-tools" package: sudo apt install net-tools
$ sudo apt update
$ sudo apt install openssh-server
$ sudo apt install net-tools
- Configure the /etc/ssh/sshd_config file.
Connect to your Linux distro. Enter: sudo vi /etc/ssh/sshd_config
You can set the local address that sshd should listen on: "0.0.0.0" (all IPv4 interfaces of the distro).
Optionally, you can set the SSH port to another value (make sure that the port is not already in use): "2222".
Port 2222
ListenAddress 0.0.0.0
# reload systemd
$ sudo systemctl daemon-reload
# restart OpenSSH Server
$ sudo service ssh restart
# check that the OpenSSH Server is running
$ sudo systemctl status ssh
- Forward the port from Windows into your Linux WSL distro.
The portproxy server listens on a specific IPv4 address and port and, for each connection it accepts, opens a separate TCP connection to another IPv4 address and port and relays the traffic to it.
Run the netsh commands below from an elevated (administrator) prompt.
- listenaddress: Specifies the IPv4 address on which to listen ("0.0.0.0" means any IPv4 address).
- listenport: Specifies the IPv4 port on which to listen ("2222", you can choose any port you want).
- connectaddress: Specifies the IPv4 address to which to connect ("172.26.110.211", this should be the address of your Linux WSL distro).
- connectport: Specifies the IPv4 port to which to connect ("2222", must match the port you set for sshd on your Linux WSL distro).
C:\Users\mtitek>netsh interface portproxy add v4tov4 listenaddress=0.0.0.0 listenport=2222 connectaddress=172.26.110.211 connectport=2222
To check the port forwarding:
C:\Users\mtitek>netsh interface portproxy show v4tov4
Listen on ipv4:             Connect to ipv4:
Address         Port        Address         Port
-------         ----        -------         ----
0.0.0.0         2222        172.26.110.211  2222
- Add a new firewall rule to enable the port.
C:\Users\mtitek>netsh advfirewall firewall add rule name="Open Port 2222 - WSL 2" dir=in action=allow protocol=TCP localport=2222
To check the rule (run this in PowerShell, because select-string is a PowerShell cmdlet):
PS C:\Users\mtitek> netsh advfirewall firewall show rule status=enabled dir=in name=all | select-string -pattern "(LocalPort.*2222)" -context 9,4
Rule Name: Open Port 2222 - WSL 2
-------------------------------------------
Enabled: Yes
LocalPort: 2222
...
- To test your configuration, open a terminal on a remote machine.
Enter: ssh mtitek@192.168.2.15 -p 2222
Replace mtitek with the user you have created for your Linux distro.
Replace 192.168.2.15 with the IP address of your Windows machine (look for the IPv4 Address in the output of the ipconfig command).
Notes:
To delete the firewall rule:
C:\Users\mtitek>netsh advfirewall firewall delete rule name="Open Port 2222 - WSL 2"
To delete the IPv4 port and address from the list of IPv4 ports and addresses for which the server listens:
C:\Users\mtitek>netsh interface portproxy delete v4tov4 listenaddress=0.0.0.0 listenport=2222
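In the default NAT networking mode, WSL 2 gets a new IP address after a restart, so the connectaddress set in the port-forwarding step goes stale, and the firewall rule above admits any remote address. The following PowerShell script is an added example (not part of the original page) that refreshes the portproxy entry and re-creates the rule scoped to the local subnet. It assumes port 2222 and the rule name used on this page, that SSH clients are on the same LAN, and that the network profile is Private.

```powershell
# Added example, not from the original page. Run in an elevated PowerShell session.
# Assumptions: port 2222 and the rule name used on this page; SSH clients are on
# the local subnet and the active network profile is Private.
$Port     = 2222
$RuleName = 'Open Port 2222 - WSL 2'

# WSL 2 is assigned a new address after a restart, so read the current one.
# Assumption: the first address reported by "hostname -I" is the distro's eth0.
$wslIp = ("$(wsl hostname -I)".Trim() -split '\s+')[0]
if ($wslIp -notmatch '^\d{1,3}(\.\d{1,3}){3}$') {
    throw "Could not read the WSL IPv4 address (got '$wslIp'). Is the distro running?"
}

# Find the address the existing portproxy entry for this port points to, if any.
$current = netsh interface portproxy show v4tov4 | ForEach-Object {
    if ($_ -match "^\s*0\.0\.0\.0\s+$Port\s+(\S+)\s+\d+\s*$") { $Matches[1] }
}

if ($current -ne $wslIp) {
    # Stale or missing entry: remove it (output ignored if absent) and re-create it.
    netsh interface portproxy delete v4tov4 listenaddress=0.0.0.0 listenport=$Port | Out-Null
    netsh interface portproxy add v4tov4 listenaddress=0.0.0.0 listenport=$Port connectaddress=$wslIp connectport=$Port
    Write-Host "portproxy 0.0.0.0:$Port now forwards to ${wslIp}:$Port (was: $current)"
} else {
    Write-Host "portproxy entry is already up to date ($wslIp)"
}

# Re-create the firewall rule so that only the local subnet on a Private network
# can reach the forwarded port, instead of any remote address on any profile.
netsh advfirewall firewall delete rule name="$RuleName" | Out-Null
netsh advfirewall firewall add rule name="$RuleName" dir=in action=allow protocol=TCP localport=$Port remoteip=localsubnet profile=private
```

Running it at logon (for example from a scheduled task with highest privileges) keeps the forwarding target current after each WSL restart.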