Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Requirements

  1. At least version Windows Server 2019 or Windows 10 1809
    Windows Connector for Perun uses native OpenSSH support on Windows OS since Windows Server 2019, Windows 10 1809.

Installation

  1. Initial setup of OpenSSH. Please follow official instalation documentation from Microsoft.
  2. Set up the PowerShell as the default shell for SSH:
    New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
  3. Create an account for Perun on the target machine (or create as a domain account)
  4. Allow SSH only for the specific account by adding the following line to end of the %programdata%\ssh\sshd_config file. Official documentation on allowing or denying accounts
    # For local account
    AllowUsers username

  5. Forbid password authentication by changing sshd_config.
    # From
    #PasswordAuthentication yes
    # To
    PasswordAuthentication no

  6. Copy the public key for Perun to following files in format: 
    command="& c:\scripts\perun\perun_connector.ps1 $input; exit $LASTEXITCODE" ssh-rsa publickey perun@idm.ics.muni.cz
    - C:\Users\<USER>\.ssh\authorized_keys (note that only perun user have rights for .ssh folder and files see the official documentation of deploying the keys)
    - C:\ProgramData\ssh\administrators_authorized_keys
  7. Restart sshd service

    Restart-Service sshd
  8. Test connection