You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Requirements

At least version Windows Server 2019 or Windows 10 1809
Windows Connector for Perun uses native OpenSSH support on Windows OS since Windows Server 2019, Windows 10 1809.

Installation

  1. Initial setup of OpenSSH. Please follow official instalation documentation from Microsoft.
  2. Set up the PowerShell as the default shell for SSH:
    New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
  3. Create an account for Perun on the target machine (or create as a domain account)
  4. Allow SSH only for the specific account by adding the following line to end of the %programdata%\ssh\sshd_config file. Official documentation on allowing or denying accounts
    # For local account
AllowUsers username

  5. Forbid password authentication by changing sshd_config.
    # From
#PasswordAuthentication yes
# To
PasswordAuthentication no

  6. Copy the public key for Perun to following files in format: 
    command="& c:\scripts\perun\perun_connector.ps1 $input; exit $LASTEXITCODE" ssh-rsa publickey perun@idm.ics.muni.cz
    - C:\Users\<USER>\.ssh\authorized_keys (note that only perun user have rights for .ssh folder and files see the official documentation of deploying the keys)
    - C:\ProgramData\ssh\administrators_authorized_keys


  7. Restart sshd service
    Restart-Service sshd
  8. Test connection
  • No labels