SSH

Secure Shell is a protocol used to securely log onto remote systems. It can be used for logging or executing commands on a remote server.

Windows Server 2016 install Open-SSH

1. Download Win32-OpenSSH

2. Set Environment Variables(Win32-openSSH Path)

3. Run [Powershell] and move to OpenSSH folder you located. Next, run a command .\install-sshd.ps1 to install sshd

4. Open [Services] and start sshd. And also change to [Automatic] for [Startup Type].

5. Run [Powershell] .\FixHostFilePermissions.ps1 to fix permissions.

6. Add Firewall 22/TCP port to allow SSH connection.

Using public key to login

Update %PROGRAMDATA%\ssh\sshd_config settings. refer issues: https://github.com/PowerShell/Win32-OpenSSH/issues/1358 https://github.com/PowerShell/Win32-OpenSSH/issues/1306

PasswordAuthentication no
#Match Group administrators
#       AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys

and Add public key to %PROGRAMDATA%\ssh\administrators_authorized_keys

Alias

在 ~/.ssh 下新增 config

like:

基本 SSH 連線

ssh alias-name

SSH 連線再附加其他指令

ssh alias-name mkdir wahaha

scp 指定 SSH name

scp -r ./ alias-name:/var/www/html/project/

如果出現以下錯誤訊息：

Bad owner or permissions on /home/user/.ssh/config

請將 config 檔案設置比較小的權限：

chmod 600 config

ssh-keygen 常用參數詳解

ssh-keygen 是 SSH 服務下的一個生成、管理和轉換認證密鑰的命令工具。包括兩種密鑰類型 DSA 和 RSA 通過公私鑰的驗證可以使服務器與服務器之間實現無密碼通訊。ssh-keygen 常用參數

確認金鑰格式

Arguments

• 連到 remote_host:

• 使用指定 私鑰 連到 remote_host:

• 使用指定 port 連到 remote_host:

• 在 remote_host 上執行 command:

• SSH tunneling: Dynamic port forwarding (SOCKS proxy on localhost:9999):

• SSH tunneling: Forward a specific port (localhost:9999 to example.org:80) along with disabling pseudo-[t]ty allocation and executio[n] of remote commands:

• SSH jumping: Connect through a jumphost to a remote server (Multiple jump hops may be specified separated by comma characters):

• Agent forwarding: Forward the authentication information to the remote machine (see man ssh_config for available options):