Forging Secure Connections: Mastering SSH Configuration on Windows
In the realm of the Windows operating system, configuring SSH with pubkey authentication can be a daunting task. Fear not, brave adventurer, for we shall guide you through this galactic quest, ensuring a smooth and secure SSH experience.
Begin by creating a new administrator user, granting them the power to safeguard your system from intruders. With a password set and their inclusion in the administrators group, they will serve as a stalwart defender against the forces of darkness.
Harness the mystical forces of PowerShell, invoking the sacred command Add-WindowsCapability
to install the OpenSSH server component. This transformative step unlocks the door to secure communication, enabling you to traverse the expansive Windows galaxy.
Ignite the flame of the SSH service (sshd), ensuring its unwavering presence in your system. By setting it to automatically start on system boot, you guarantee its constant vigilance, standing ready to accept connections from distant realms.
net user <user> "<password>" /add /y
wmic UserAccount where Name="<user>" set PasswordExpires=False
net localgroup administrators <user> /add
powershell Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
powershell Start-Service sshd
powershell Set-Service -Name sshd -StartupType 'Automatic'
powershell -NoProfile -ExecutionPolicy Bypass -Command "Set-ExecutionPolicy -ExecutionPolicy bypass -Force
Align your SSH sessions with the power of PowerShell, making it the default shell for enhanced control and flexibility. Let the elegant art of PowerShell guide your actions as you navigate the complexities of the Windows universe.
Embrace the path of heightened security by enabling pubkey authentication and disabling passwords. Just as a Jedi relies on their lightsaber, you rely on the power of your public key to authenticate and gain access to the system. This fortifies your defenses, ensuring only the chosen ones can wield the power of entry.
Enhance the strength of your authority by adding your esteemed public key to the sacred grounds of the administrators_authorized_keys file. With this key in place, you rise to the ranks of the privileged, wielding the power to command and protect.
Secure the integrity of the administrators_authorized_keys
file by setting appropriate permissions, ensuring that only the most trusted hands can alter its contents. This further fortifies your defenses, safeguarding against any attempts to tamper with the keys that hold the gateway to your system.
Complete the transformation by invoking the power of a restart, restarting the SSH service to apply the changes. With this final act, your system is fortified and ready to embark on a journey of secure connections.
New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
((Get-Content -path $env:ProgramData\ssh\sshd_config -Raw) -replace '#PubkeyAuthentication yes','PubkeyAuthentication yes' -replace '#PasswordAuthentication yes','PasswordAuthentication no') | Set-Content -Path $env:ProgramData\ssh\sshd_config
Add-Content -Force -encoding UTF8 -Path $env:ProgramData\ssh\administrators_authorized_keys -Value "<public-key>"
icacls.exe "$env:ProgramData\ssh\administrators_authorized_keys" /inheritance:r /grant "Administrators:F" /grant "SYSTEM:F"
Restart-Service sshd
By following this script’s guidance, you become a guardian of secure SSH connections, a beacon of light in the Windows galaxy.
May your paths be protected, and may your adventures be filled with secure and trusted connections.