Version 1 vs 2
Version 1 vs 2
Edits
Edits
- Edit by keithzg, Version 2
- Mar 16 2020 6:48 PM
- ·Getting there, but maybe we don't even want passwordless admin login? I wonder . . .
- Edit by keithzg, Version 1
- Sep 10 2019 2:14 PM
- ·Initial page creation, not yet complete
Original Change | Next Change » |
Edit Older Version 1... | Edit Older Version 2... |
Content Changes
Content Changes
As of Windows 10 (or Server 2019), Microsoft has basically added built-in support for OpenSSH as both a client and a host. Of course, it being #Windows, it's sometimes non-obvious and sub-par.
== Server setup ==
```
name=Elevated Powershell session, lang=Powershell
# Install the actual component. Can also be done via the "Features" listing in Windows.
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
# Make sure the services are set to automatically start, since they often aren't
Set-Service ssh-agent -StartupType Automatic
Set-Service ssh -StartupType Automatic
# Manually start the services so they're running without rebooting, because we're using SSH because we're trying to *not* be all Windows-y about things
Start-Service ssh-agent
Start-Service sshd
# This will install some utilities, but they don't actually work well as of this writing, so you can skip this if you want
Install-Module -Force OpenSSHUtils
```
To add:
* https://stackoverflow.com/a/50502015/2808933
* https://github.com/PowerShell/Win32-OpenSSH/issues/962 /
As of Windows 10 (or Server 2019), Microsoft has basically added built-in support for OpenSSH as both a client and a host. Of course, it being #Windows, it's sometimes non-obvious and sub-par.
== Server setup ==
Open up an elevated Powershell session (ex. right-click on any Powershell icon/listing and choose {nav Run as Administrator}), and then run the following:
```
name=Elevated Powershell session, lang=Powershell
# Install the actual component. Can also be done via the "Features" listing in Windows.
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
# Make sure the services are set to automatically start, since they often aren't
Set-Service ssh-agent -StartupType Automatic
Set-Service sshd -StartupType Automatic
# Manually start the services so they're running without rebooting, because we're using SSH because we're trying to *not* be all Windows-y about things
Start-Service ssh-agent
Start-Service sshd
# This will install some utilities, but they don't actually work well as of this writing, so you can skip this if you want
Install-Module -Force OpenSSHUtils
```
Voila! You should now be able to SSH into your Windows machine from any SSH client.
== Client Setup ==
```
lang=powershell, name=Non-Elevated Powershell session
# Create and enter .ssh directory for your user.
cd $env:USERPROFILE; mkdir .ssh; cd .ssh
# Generate identity keys, by default this will be `id_rsa` and `id_rsa.pub`
ssh-keygen.exe
# Create an authorized_keys file starting with your local public key
copy id_rsa.pub authorized_keys
# open an Explorer window in the current location, because I haven't yet bothered to figure out how to do the next portion with Powershell
start .
```
Okay, then:
# Right click {nav authorized_keys}, then {nav Properties > Security > Advanced}
# {nav icon=check-square, name=Disable Inheritance}
# Choose "Convert inherited permissions into explicit permissions on this object" when prompted
# Remove all permissions on file except for `SYSTEM` and //yourself//. There must be exactly two permission entries on the file.
----
To add:
* https://stackoverflow.com/a/50502015/2808933
* https://github.com/PowerShell/Win32-OpenSSH/issues/962 /
As of Windows 10 (or Server 2019), Microsoft has basically added built-in support for OpenSSH as both a client and a host. Of course, it being #Windows, it's sometimes non-obvious and sub-par.
== Server setup ==
Open up an elevated Powershell session (ex. right-click on any Powershell icon/listing and choose {nav Run as Administrator}), and then run the following:
```
name=Elevated Powershell session, lang=Powershell
# Install the actual component. Can also be done via the "Features" listing in Windows.
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
# Make sure the services are set to automatically start, since they often aren't
Set-Service ssh-agent -StartupType Automatic
Set-Service sshd -StartupType Automatic
# Manually start the services so they're running without rebooting, because we're using SSH because we're trying to *not* be all Windows-y about things
Start-Service ssh-agent
Start-Service sshd
# This will install some utilities, but they don't actually work well as of this writing, so you can skip this if you want
Install-Module -Force OpenSSHUtils
```
Voila! You should now be able to SSH into your Windows machine from any SSH client.
== Client Setup ==
```
lang=powershell, name=Non-Elevated Powershell session
# Create and enter .ssh directory for your user.
cd $env:USERPROFILE; mkdir .ssh; cd .ssh
# Generate identity keys, by default this will be `id_rsa` and `id_rsa.pub`
ssh-keygen.exe
# Create an authorized_keys file starting with your local public key
copy id_rsa.pub authorized_keys
# open an Explorer window in the current location, because I haven't yet bothered to figure out how to do the next portion with Powershell
start .
```
Okay, then:
# Right click {nav authorized_keys}, then {nav Properties > Security > Advanced}
# {nav icon=check-square, name=Disable Inheritance}
# Choose "Convert inherited permissions into explicit permissions on this object" when prompted
# Remove all permissions on file except for `SYSTEM` and //yourself//. There must be exactly two permission entries on the file.
----
To add:
* https://stackoverflow.com/a/50502015/2808933
* https://github.com/PowerShell/Win32-OpenSSH/issues/962 /