OpenSSH for Windows configuration

Source: Internet
Author: User
Tags mkdir ssh filezilla

Note that configuring the OpenSSH for Windows key authentication process, Memo
———————————————————-
1. Create a Windows user SSH dedicated to SSH remote login.
SSH Local login can be set in the local security policy, but it is not convenient to debug a single machine since then.
———————————————————-
2. Generate user information. Here is the information generated for all users, of course, only to specify the user SSH also line
. \bin\mkgroup-l >> \etc\group
. \bin\mkgroup-d >> \etc\group
. \bin\mkpasswd-l >> \ETC\PASSWD
. \bin\mkpasswd-d >> \ETC\PASSWD
———————————————————-
3. Generate User SSH home directory
mkdir Home
CD Home
mkdir SSH
CD SSH
mkdir. SSH
———————————————————-
4. Modify the default home directory for the Cygwin environment
Windows Registry Editor Version 5.00

[Hkey_local_machine\software\cygnus solutions\cygwin\mounts V2\/home]
"Native" = "C:\\Program Files\\openssh\\home"
"Flags" =dword:0000000a
———————————————————-
5. Generate key
CD bin
mkdir keys
Ssh-keygen-t rsa-b 2048-f keys\rsa2048-c "This is passphrase hint"-n "This is passphrase"
mkdir Keys\.ssh
Cat rsa2048.pub > Keys\.ssh\authorized_keys
———————————————————-
6. Make the above generation private SSH client can use the format, here with putty, can be used Puttygen into Putty PPK format
———————————————————-
7. Set the OpenSSH to accept only key authentication.
There is an additional SFTP service here. In addition, the Strictmodes no option will tell OpenSSH to not check the permissions settings of the user SSH home directory
Protocol 2
Port 22
Hostkey/etc/ssh_host_rsa_key
Permitrootlogin No
Permitemptypasswords No
Strictmodes No
Pubkeyauthentication Yes
Authorizedkeysfile. Ssh/authorized_keys
#IgnoreUserKnownHosts Yes
Passwordauthentication No
Usepam No
Useprivilegeseparation No
Maxstartups 10:30:60
subsystem Sftp/usr/sbin/sftp-server
———————————————————-
8. Set up router NAT and software firewall
NAT sets a TCP packet that maps to port 22nd.
Software firewall settings allow C:\Program Files\openssh\usr\sbin\sshd.exe to listen for TCP port 22.
———————————————————-
9. Basically almost, to enable or stop the OpenSSH service can
net start opensshd
net stop opensshd
It can also be enabled or stopped in Services.msc.
———————————————————-
Putty as the middle end is not bad, is Chinese difficult to do.
If you want to SFTP, you can use WINSCP and FileZilla.
WinSCP and FileZilla See and enter the Chinese directory name/file names are no problem, but copy and other operations Report server can not find a file error,
Maybe the sftp-server.exe version of the OpenSSH for Windows Band is low. (3.x)
Note Map Windows disks to/cygdrive/in the Cygwin environment.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.