Open SSH from the browser

Learn how to open SSH connections directly from the browser

RPort and your browser will open links to ssh://user@remote.example.com with the default application for that URL scheme. Windows does not have any default application assigned. To do so, follow the guide below.

Step 1: Install OpenSSH

Make sure you have OpenSSH installed on Windows 10. Open a terminal (cmd.exe or PowerShell) and type in shh -V. You should get an output similar to

OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5

If the ssh command is missing, execute the following command on a PowerShell.

# Install the OpenSSH Client
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

More info here

Step 2: Download the wrapper script

An ssh link follows this syntax, ssh://<username>@<host>:<port> but open ssh expects a different format. Download the PowerShell script ssh-protocol-handler.ps1 to some directory, for example to %LOCALAPPDATA%\ssh-protocol-handler.ps1.

You can do this on the PowerShell with the following commands.

$url = "https://gist.githubusercontent.com/thorstenkramm/b25a2c09ca7414595d48d1db581833fc/raw/1fecf170378390eebe778209a8b88972d6893657/ssh-protocol-handler.ps1"
$file = "$env:LOCALAPPDATA\ssh-protocol-handler.ps1"
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Invoke-WebRequest -Uri $url -OutFile $file

Test the script by executing .\ssh-protocol-handler.ps1 ssh://user@127.0.0.1:22. It doesn't matter if you have a local SSH server. It's just for testing the URI gets translated into the correct PowerShell command.

On desktop operation systems like Windows 10 and 11 the PowerShell execution policy is very likely set to "restricted". This will prevent the script to run.

On a new PowerShell console with administrative rights change the policy to allow all local scripts and only those remote scripts that are digitally signed, by executing:

set-executionpolicy remotesigned

Step 3: Register the script as URL handler

Download the ssh-protocol-handler.reg registry setting file. Adding it to the registry will register the above script as a protocol handler for ssh:// links.

You can do this in the PowerShell with the following commands.

$url = "https://gist.githubusercontent.com/thorstenkramm/b25a2c09ca7414595d48d1db581833fc/raw/1fecf170378390eebe778209a8b88972d6893657/ssh-protocol-handler.reg"
$file = "$env:LOCALAPPDATA\ssh-protocol-handler.reg"
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Invoke-WebRequest -Uri $url -OutFile $file
(Get-Content -path $file -Raw) -replace '<LOCALAPPDATA>', "$( [regex]::escape($env:LOCALAPPDATA) )"| Set-Content -Path $file
get-Content $file
reg import $file
rm $file

If you download the script manually, replace <LOCALAPPDATA> by the path where you stored ssh-protocol-handler.ps1

Log out now. Otherwise changes are not applied.

Step4: Activate the new handler

Open the windows settings. Go to "Apps & feature -> Default Apps", scroll down and click on "Choose default apps by protocol".

Now type in an SSH Url into the URL bar of any browser, for example ssh://user@example.com:2222. A PowerShell windows should open trying to connect you.

Last updated