Tested on Windows XP Pro SP2 on a Windows Domain network. The following instructions assume that you want to install to "C:\Program Files\OpenSSH" and that you want your SSH server to run under the user-ID "sshd" and that you'll create a home directory for sshd named C:\OpenSSH-server.  You'll need to edit where appropriate if you make other choices.

  1. Install OpenSSH for Windows from http://sshwindows.sourceforge.net/ into C:\Program Files\OpenSSH (or other directory of your choosing).  I refer to this directory as [install-dir] throughout this document.
  2. Run the attached batch file from a command prompt.
  3. Edit [install-dir]\etc\sshd_config and set UsePrivilegeSeparation to yes
  4. Right click on C:\OpenSSH-server, select the Security tab, and grant sshd (or whatever you named the account)  and grant these permissions to the folder and subtree.
    1. Read
    2. Read & Execute
    3. List Folder Contents
    4. Full Control
    5. Also make the sshd account the Owner of the folder and subtree.
  5. Open the Services applet (from Control Panel/Administrative Tools) and change the OpenSSH service to use the sshd account.
  6. Stop and start the OpenSSH service.

At this point you've got password login.  There is more work to be done to enable PKI-based login.