# Open SSH from the browser

#### SSH Link handler for Windows <a href="#ssh-link-handler-for-windows" id="ssh-link-handler-for-windows"></a>

RPort and your browser will open links to `ssh://[email protected]` with the default application for that URL scheme. Windows does not have any default application assigned. To do so, follow the guide below.

Make sure you have OpenSSH installed on Windows 10. Open a terminal (cmd.exe or PowerShell) and type in `shh -V`. You should get an output similar to

```
OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5
```

If the ssh command is missing, execute the following command on a PowerShell.

```
# Install the OpenSSH Client
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
```

More infos [here](https://docs.microsoft.com/de-de/windows-server/administration/openssh/openssh_install_firstuse)

**Step 2: Download the wrapper script**

An ssh link follows this syntax, `ssh://<username>@<host>:<port>` but open ssh expects a different format. Download the PowerShell script `ssh-protocol-handler.ps1` to some directory, for example to `%LOCALAPPDATA%\ssh-protocol-handler.ps1`.

You can do this on the PowerShell with the following commands.

```
$url = "https://gist.githubusercontent.com/thorstenkramm/b25a2c09ca7414595d48d1db581833fc/raw/1fecf170378390eebe778209a8b88972d6893657/ssh-protocol-handler.ps1"
$file = "$env:LOCALAPPDATA\ssh-protocol-handler.ps1"
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Invoke-WebRequest -Uri $url -OutFile $file
```

Test the script by executing `.\ssh-protocol-handler.ps1 ssh://[email protected]:22`. It doesn't matter if you have a local SSH server. It's just for testing the URI gets translated into the correct PowerShell command.

{% hint style="info" %}
On desktop operation systems like Windows 10 and 11 the PowerShell execution policy is very likely set to "restricted". This will prevent the script to run.

On a new PowerShell console *with administrative* rights change the policy to allow all local scripts and only those remote scripts that are digitally signed, by executing:

`set-executionpolicy remotesigned`
{% endhint %}

**Step 3: Register the script as URL handler**

Download the `ssh-protocol-handler.reg` registry setting file. Adding it to the registry will register the above script as a protocol handler for `ssh://` links.

You can do this in the PowerShell with the following commands.

```
$url = "https://gist.githubusercontent.com/thorstenkramm/b25a2c09ca7414595d48d1db581833fc/raw/1fecf170378390eebe778209a8b88972d6893657/ssh-protocol-handler.reg"
$file = "$env:LOCALAPPDATA\ssh-protocol-handler.reg"
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Invoke-WebRequest -Uri $url -OutFile $file
(Get-Content -path $file -Raw) -replace '<LOCALAPPDATA>', "$( [regex]::escape($env:LOCALAPPDATA) )"| Set-Content -Path $file
get-Content $file
reg import $file
rm $file
```

If you download the script manually, replace `<LOCALAPPDATA>` by the path where you stored `ssh-protocol-handler.ps1`

{% hint style="info" %}
**Log out now.** Otherwise changes are not applied.
{% endhint %}

**Step4: Activate the new handler**

Open the windows settings. Go to "Apps & feature -> Default Apps", scroll down and click on "Choose default apps by protocol".

![Select the Custom SSH Handler](https://1142160776-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MekeI9EovpQqbUTQSdM%2Fuploads%2FGYsZxcCZm6GzNv5P1KtX%2Fimage.png?alt=media\&token=44635a99-0a02-4b2e-a674-a07f513a63a3)

Now type in an SSH Url into the URL bar of any browser, for example `ssh://[email protected]:2222`. A PowerShell windows should open trying to connect you.