As of Windows 10 (or Server 2019), Microsoft has basically added built-in support for OpenSSH as both a client and a host. Of course, it being #Windows, it's sometimes non-obvious and sub-par. == Server setup == Open up an elevated Powershell session (ex. right-click on any Powershell icon/listing and choose {nav Run as Administrator}), and then run the following: ``` name=Elevated Powershell session, lang=Powershell # Install the actual component. Can also be done via the "Features" listing in Windows. Add-WindowsCapability -Online -Name OpenSSH.Server # Make sure the services are set to automatically start, since they often aren't Set-Service ssh-agent -StartupType Automatic Set-Service sshd -StartupType Automatic # Manually start the services so they're running without rebooting, because we're using SSH because we're trying to *not* be all Windows-y about things Start-Service ssh-agent Start-Service sshd # This will optionally install some utilities, but they don't actually work well last I checked, so you can skip this if you want Install-Module -Force OpenSSHUtils ``` Voila! You should now be able to SSH into your Windows machine from any SSH client. == Client Setup == ``` lang=powershell, name=Non-Elevated Powershell session # Create and enter .ssh directory for your user. cd $env:USERPROFILE; mkdir .ssh; cd .ssh # Generate identity keys, by default this will be `id_rsa` and `id_rsa.pub` ssh-keygen.exe # Create an authorized_keys file starting with your local public key copy id_rsa.pub authorized_keys # open an Explorer window in the current location, because I haven't yet bothered to figure out how to do the next portion with Powershell start . ``` Okay, then: # Right click {nav authorized_keys}, then {nav Properties > Security > Advanced} # {nav icon=check-square, name=Disable Inheritance} # Choose "Convert inherited permissions into explicit permissions on this object" when prompted # Remove all permissions on file except for `SYSTEM` and //yourself//. There must be exactly two permission entries on the file. ---- To add: * https://stackoverflow.com/a/50502015/2808933 * https://github.com/PowerShell/Win32-OpenSSH/issues/962 /

As of Windows 10 (or Server 2019), Microsoft has basically added built-in support for OpenSSH as both a client and a host. Of course, it being #Windows, it's sometimes non-obvious and sub-par. == Server setup == Open up an elevated Powershell session (ex. right-click on any Powershell icon/listing and choose {nav Run as Administrator}), and then run the following: ``` name=Elevated Powershell session, lang=Powershell # Install the actual component. Can also be done via the "Features" listing in Windows. Add-WindowsCapability -Online -Name OpenSSH.Server # Make sure the services are set to automatically start, since they often aren't Set-Service ssh-agent -StartupType Automatic Set-Service sshd -StartupType Automatic # Manually start the services so they're running without rebooting, because we're using SSH because we're trying to *not* be all Windows-y about things Start-Service ssh-agent Start-Service sshd # This will optionally install some utilities, but they don't actually work well last I checked, so you can skip this if you want Install-Module -Force OpenSSHUtils ``` Voila! You should now be able to SSH into your Windows machine from any SSH client. == Client Setup == ``` lang=powershell, name=Non-Elevated Powershell session # Create and enter .ssh directory for your user. cd $env:USERPROFILE; mkdir .ssh; cd .ssh # Generate identity keys, by default this will be `id_rsa` and `id_rsa.pub` ssh-keygen.exe # Create an authorized_keys file starting with your local public key copy id_rsa.pub authorized_keys # open an Explorer window in the current location, because I haven't yet bothered to figure out how to do the next portion with Powershell start . ``` Okay, then: # Right click {nav authorized_keys}, then {nav Properties > Security > Advanced} # {nav icon=check-square, name=Disable Inheritance} # Choose "Convert inherited permissions into explicit permissions on this object" when prompted # Remove all permissions on file except for `SYSTEM` and //yourself//. There must be exactly two permission entries on the file. === I wanna be admin === https://github.com/PowerShell/Win32-OpenSSH/issues/962#issuecomment-608067310 claims to be the solution, but `reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System` returns the default `5` for `ConsentPromptBehaviorAdmin` on a system where things that might need admin seem to work, so . . . huh? What did I do? Did I even do anything? Sorry I can't seem to remember or figure out . . . ---- To add: * https://stackoverflow.com/a/50502015/2808933 * https://github.com/PowerShell/Win32-OpenSSH/issues/962 /

As of Windows 10 (or Server 2019), Microsoft has basically added built-in support for OpenSSH as both a client and a host. Of course, it being #Windows, it's sometimes non-obvious and sub-par. == Server setup == Open up an elevated Powershell session (ex. right-click on any Powershell icon/listing and choose {nav Run as Administrator}), and then run the following: ``` name=Elevated Powershell session, lang=Powershell # Install the actual component. Can also be done via the "Features" listing in Windows. Add-WindowsCapability -Online -Name OpenSSH.Server # Make sure the services are set to automatically start, since they often aren't Set-Service ssh-agent -StartupType Automatic Set-Service sshd -StartupType Automatic # Manually start the services so they're running without rebooting, because we're using SSH because we're trying to *not* be all Windows-y about things Start-Service ssh-agent Start-Service sshd # This will optionally install some utilities, but they don't actually work well last I checked, so you can skip this if you want Install-Module -Force OpenSSHUtils ``` Voila! You should now be able to SSH into your Windows machine from any SSH client. == Client Setup == ``` lang=powershell, name=Non-Elevated Powershell session # Create and enter .ssh directory for your user. cd $env:USERPROFILE; mkdir .ssh; cd .ssh # Generate identity keys, by default this will be `id_rsa` and `id_rsa.pub` ssh-keygen.exe # Create an authorized_keys file starting with your local public key copy id_rsa.pub authorized_keys # open an Explorer window in the current location, because I haven't yet bothered to figure out how to do the next portion with Powershell start . ``` Okay, then: # Right click {nav authorized_keys}, then {nav Properties > Security > Advanced} # {nav icon=check-square, name=Disable Inheritance} # Choose "Convert inherited permissions into explicit permissions on this object" when prompted # Remove all permissions on file except for `SYSTEM` and //yourself//. There must be exactly two permission entries on the file. === I wanna be admin === https://github.com/PowerShell/Win32-OpenSSH/issues/962#issuecomment-608067310 claims to be the solution, but `reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System` returns the default `5` for `ConsentPromptBehaviorAdmin` on a system where things that might need admin seem to work, so . . . huh? What did I do? Did I even do anything? Sorry I can't seem to remember or figure out . . . ---- To add: * https://stackoverflow.com/a/50502015/2808933 * https://github.com/PowerShell/Win32-OpenSSH/issues/962 /