--- created: 2024-01-14T02:18:17.942Z type: topic updated: 2024-08-23T21:14:54.201Z --- # SSH ```bash %WINDIR%\System32\OpenSSH %ProgramData%\ssh %USERPROFILE%\.ssh ``` ```bash https://api.github.com/users/mikepharesjr/keys sudo -i exit ssh-import-id gh:mikepharesjr ``` ```PowerShell Administrator Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*' # Install the OpenSSH Client Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0 # Install the OpenSSH Server Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 ``` ```bash dism /Online /Add-Capability /CapabilityName:OpenSSH.Server~~~~0.0.1.0 ``` ```PowerShell Administrator New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH SSH Server' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22 -Program "C:\Windows\System32\OpenSSH\sshd.exe" ``` ```PowerShell ssh-keygen -t ed25519 ``` ```bash puttygen "C:\Users\mikep\.ssh\id_ed25519" ``` ```PowerShell Administrator copy $env:USERPROFILE\.ssh\id_ed25519.pub C:\ProgramData\ssh\authorized_keys copy $env:USERPROFILE\.ssh\id_ed25519.pub C:\ProgramData\ssh\administrators_authorized_keys icacls.exe "C:\ProgramData\ssh\authorized_keys" /inheritance:r /grant "Administrators:F" /grant "SYSTEM:F" icacls.exe "C:\ProgramData\ssh\administrators_authorized_keys" /inheritance:r /grant "Administrators:F" /grant "SYSTEM:F" code-insiders "C:\ProgramData\ssh" ``` ```PowerShell Administrator Start-Service sshd ``` ```conf # After default PubkeyAuthentication yes PasswordAuthentication no ``` ```bash certlm.msc ``` ```bash systemctl restart ssh ``` ```bash echo "admin@192.168.11.1"&ssh admin@192.168.11.1 echo "asus@asus.laptops"&ssh asus@asus.laptop -i C:/Users/phares/.ssh/id_ed25519 echo "metrologysvc@meslvec0004.mes.infineon.com"&ssh metrologysvc@meslvec0004.mes.infineon.com -i C:/Users/phares/.ssh/id_ed25519 echo "metrologysvc@meslvec0005.mes.infineon.com"&ssh metrologysvc@meslvec0005.mes.infineon.com echo "mike@192.168.0.41"&ssh mike@192.168.0.41 -i C:/Users/phares/.ssh/id_ed25519 echo "mike@server"&ssh mike@192.168.11.2 -i C:/Users/phares/.ssh/id_ed25519 echo "mikep@192.168.11.16"&ssh mikep@192.168.11.16 -i C:/Users/phares/.ssh/id_ed25519 echo "phares@auclv0558.auc.infineon.com"&ssh phares@auclv0558.auc.infineon.com echo "phares@leolsec0004.leo.infineon.com"&ssh phares@leolsec0004.leo.infineon.com -i C:/Users/phares/.ssh/id_ed25519_leo echo "phares@mesxs015.mes.infineon.com"&ssh phares@mesxs015.mes.infineon.com echo "pi3@192.168.11.17"&ssh pi3@192.168.11.17 -i C:/Users/phares/.ssh/id_ed25519 echo "root@192.168.11.17"&ssh root@192.168.11.17 -i C:/Users/phares/.ssh/id_ed25519 echo "root@192.168.5.1"&ssh 192.168.5.1 echo "root@asus.laptop"&ssh root@asus.laptop -i C:/Users/phares/.ssh/id_ed25519 echo "root@chelsea.desktop"&ssh root@chelsea.desktop -i C:/Users/phares/.ssh/id_ed25519 echo "root@free.file.sync.root"&ssh root@free.file.sync.root -i C:/Users/phares/.ssh/id_ed25519 echo "tibco@leolsec0003.leo.infineon.com"&ssh tibco@leolsec0003.leo.infineon.com -i C:/Users/phares/.ssh/id_ed25519_leo echo "tibco@leolsec0004.leo.infineon.com"&ssh tibco@leolsec0004.leo.infineon.com -i C:/Users/phares/.ssh/id_ed25519_leo echo "tibco@leolsec0005.leo.infineon.com"&ssh tibco@leolsec0005.leo.infineon.com -i C:/Users/phares/.ssh/id_ed25519_leo echo "tibco@mesxsec013.mes.infineon.com"&ssh tibco@mesxsec013.mes.infineon.com echo "tibco@mesxsec014.mes.infineon.com"&ssh tibco@mesxsec014.mes.infineon.com echo "tibco@tibrvd.mes.infineon.com"&ssh tibco@tibrvd.mes.infineon.com echo "unity4@unity4"&ssh unity4@unity4 -i C:/Users/phares/.ssh/id_ed25519 echo "unity5@unity5"&ssh unity5@unity5 -i C:/Users/phares/.ssh/id_ed25519 echo "winSCP%20temporary%20session"&ssh 192.168.0.54 -i C:/Users/phares/.ssh/id_ed25519 ``` ```bash ssh root@free.file.sync.root -i C:/Users/phares/.ssh/id_ed25519 ``` - [windows-ssh-permissions-for-private-key-are-too-open](https://superuser.com/questions/1296024/windows-ssh-permissions-for-private-key-are-too-open) ```bash Fri Aug 23 2024 11:05:00 GMT-0700 (Mountain Standard Time) # Set Key File Variable: Set Key="%UserProfile%\.ssh\id_rsa" # Remove Inheritance: Icacls %Key% /c /t /Inheritance:d # Set Ownership to Owner: Key's within %UserProfile%: Icacls %Key% /c /t /Grant %UserName%:F # Key's outside of %UserProfile%: TakeOwn /F %Key% Icacls %Key% /c /t /Grant :r %UserName%:F # Remove All Users, except for Owner: Icacls %Key% /c /t /Remove:g "Authenticated Users" BUILTIN\Administrators BUILTIN Everyone System Users # Verify: Icacls %Key% # Remove Variable: set "Key=" ```