VSCode Remote: Connect to WSL2 from another machine

remote-wsl.md

VSCode Remote: Connect to WSL2 from another machine

Do you want to do remote development on your WSL2 container in Visual Studio Code? Read this.

Proxy jump method

1. On the host set up OpenSSH for Windows
2. Run wsl --update to make sure you are running the latest WSL
3. Open WSL and install another SSH server inside WSL with sudo apt-get install openssh-server
4. Now run sudo systemctl enable --now ssh to automatically start ssh when WSL starts.
5. On the remote machine run ssh -J windows_user@windows_ip wsl_user@localhost to see if the proxy jump will work

If you see the bash prompt it works. You can add it to the ~/.ssh/config file on the remote machine.

Host remote-wsl
  HostName localhost
  User wsl_user
  ProxyJump windows_user@windows_ip
  StrictHostKeyChecking no

Now connect with ssh remote-wsl.

Credit

ajihyf's comment

Default shell method

Change your OpenSSH shell

SSH to your Windows host (SSH Server must be installed in Windows Features)

ssh user@windowshost

Start Powershell

powershell

Run this command to switch SSH from CMD to WSL

New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\WINDOWS\System32\bash.exe" -PropertyType String -Force

Test

ssh user@windowshost

You should now see WSL2 instead of CMD

Connect from VSCode

At this point you can connect to your Win10 host with Remote SSH in VSCode with your Windows username and pw. But you'll actually start and connect to WSL2.

1. Install the Remote - SSH extension
2. Add a new SSH target and connect with your Windows host, username and password (you will automatically log in as the Linux user)

Credit

The workaround was inspired by: https://www.hanselman.com/blog/the-easy-way-how-to-ssh-into-bash-and-wsl2-on-windows-10-from-an-external-machine

The ProxyJump method shared here is great, but it is missing the ability to start WSL if it is not already running. If we use ProxyCommand instead of ProxyJump, we can ensure that WSL always starts when we connect. Building on ajihyf's solution:

In your ssh config (e.g., %USERPROFILE%\.ssh\config on Windows), add:

Host wsl
  HostName localhost
  User wsl_user
  ProxyCommand ssh windows_user@windows_ip "wsl.exe --distribution wsl_distribution --exec bash -c \"netcat %h %p\""
  StrictHostKeyChecking no
  UserKnownHostsFile /dev/null

ProxyCommand does the following:

• Connects to the windows host (windows_user@windows_ip)
• Starts wsl.exe with the specifed distribution (wsl.exe --distribution wsl_distribution)
• Executes bash within WSL (--exec bash -c )
• Uses netcat to create a bidirectional network pipe between the client and WSL host (netcat %h %p)
  • %h becomes the value of HostName and %p becomes the value of Port.

This is also works if you use a tool like 1Password to manage your SSH and GPG keys. Expand for an example.

In this is example, I use ForwardAgent to forward SSH requests to the 1Password SSH Agent. I have create an SSH key for my GIS Workstation computer and added the public key to my authorized keys on Windows and Ubuntu 24.04 (in WSL). I have also saved the public key to ~/.ssh/gis_workstation_jack.pub so that SSH does not try to use every SSH key I have in 1password, which may result in a "too many authentication failures" error.

Host "GIS Workstation (Windows 11)"
  HostName windows_ip
  User jbuehner7
  ForwardAgent yes
  IdentityFile ~/.ssh/gis_workstation.pub
  IdentitiesOnly yes

Host "GIS Workstation (Ubuntu 24)"
  HostName localhost
  User jackbuehner
  ForwardAgent yes
  IdentityFile ~/.ssh/gis_workstation.pub
  IdentitiesOnly yes
  StrictHostKeyChecking no
  UserKnownHostsFile /dev/null

  # start wsl and then connect with ssh
  ProxyCommand ssh windows_ip "wsl.exe --distribution Ubuntu-24.04 --exec bash -c \"netcat %h %p\""

I find this helpful because it allows me to connect to my WSL instance on my desktop PC from my laptop without needing to remotely log in to my desktop PC first and manually start WSL.