phares3757/fi-operations
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fi-operations/.NET/vscode-ssh.md
Mike Phares 3a3f5bcd02 Update SSL Certificate Request 
VSCode SSH
- Allows using VSCode to build code as if you were on remote machine.
- Remote machine will still need dotnet SDK

Added AppSetting Markdown
2025-04-02 16:13:03 -07:00

139 lines
4.6 KiB
Markdown
Raw Blame History

# VSCode SSH
- Allows using VSCode to build code as if you were on remote machine.
- Remote machine will still need dotnet SDK
## Offline Installer
- Download and copy to servers that can't reach github.com
- [openssh-portable](https://github.com/PowerShell/openssh-portable)
## PowerShell Installer
- PowerShell Administrator
```PowerShell Administrator 1736187016914 = 638717838169140000 = Mon Jan 06 2025 11:10:16 GMT-0700 (Mountain Standard Time)
Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'
# Install the OpenSSH Client
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
# Install the OpenSSH Server
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
```
## Key Generation
- Run with any user
```PowerShell 1736187033768 = 638717838337680000 = Mon Jan 06 2025 11:10:33 GMT-0700 (Mountain Standard Time)
ssh-keygen -t ed25519
```
## Authentication via Public Key
- PowerShell Administrator
```PowerShell Administrator 1736187105777 = 638717839057770000 = Mon Jan 06 2025 11:11:45 GMT-0700 (Mountain Standard Time)
copy $env:USERPROFILE\.ssh\id_ed25519.pub C:\ProgramData\ssh\authorized_keys
copy $env:USERPROFILE\.ssh\id_ed25519.pub C:\ProgramData\ssh\administrators_authorized_keys
icacls.exe "C:\ProgramData\ssh\authorized_keys" /inheritance:r /grant "Administrators:F" /grant "SYSTEM:F"
icacls.exe "C:\ProgramData\ssh\administrators_authorized_keys" /inheritance:r /grant "Administrators:F" /grant "SYSTEM:F"
```
- Configuration allows for public key authentication
- Removes higher risk password authentication
```conf 1736187108739 = 638717839087390000 = Mon Jan 06 2025 11:11:48 GMT-0700 (Mountain Standard Time)
...
PubkeyAuthentication yes
...
PasswordAuthentication no
...
```
## Firewall
- Open Windows Firewall with Advanced Security GUI
- Add new Inbound Rule for port 22
- Change Profiles to only enable domain
- Change scope to remote ip for your machine
```bash 1736187743528 = 638717845435280000 = Mon Jan 06 2025 11:22:23 GMT-0700 (Mountain Standard Time)
wf.msc
```
- Exported list for the two inbound rules
```tsv 1736187853968 = 638717846539680000 = Mon Jan 06 2025 11:24:13 GMT-0700 (Mountain Standard Time)
Name Group Profile Enabled Action Override Program Local Address Remote Address Protocol Local Port Remote Port Authorized Users Authorized Computers Authorized Local Principals Local User Owner Application Package
OpenSSH SSH Server Preview (sshd) Private Yes Allow No C:\Program Files\OpenSSH\sshd.exe Any Any TCP 22 Any Any Any Any Any Any
SSH Domain Yes Allow No Any Any 10.64.233.125 TCP 22 Any Any Any Any Any Any
```
- Command line add inbound rule SSH
```bash 1736188562695 = 638717853626950000 = Mon Jan 06 2025 11:36:02 GMT-0700 (Mountain Standard Time)
netsh advfirewall firewall add rule name="SSH" dir=in action=allow enable=yes profile=domain remoteip=10.64.233.125 localport=22 protocol=TCP
```
- Command line to add remote IP
```bash 1736188289189 = 638717850891890000 = Mon Jan 06 2025 11:31:28 GMT-0700 (Mountain Standard Time)
netsh advfirewall firewall set rule name="SSH" new remoteip=10.64.233.125
```
- Command line to enable rule
```bash 1736188447588 = 638717852475880000 = Mon Jan 06 2025 11:34:07 GMT-0700 (Mountain Standard Time)
netsh advfirewall firewall set rule name="SSH" new enable=yes
```
## Local Key Generation
- Replace user
- Run on local machine
- Add output to remote machine
```PowerShell 1736190383218 = 638717871832180000 = Mon Jan 06 2025 12:06:22 GMT-0700 (Mountain Standard Time)
ssh-keygen -t ed25519
more "C:/Users/user/.ssh/id_ed25519.pub"
echo "C:\ProgramData\ssh\authorized_keys"
echo "C:\ProgramData\ssh\administrators_authorized_keys"
```
## Test Connection
- Replace user and machine
```bash 1736187372778 = 638717841727780000 = Mon Jan 06 2025 11:16:12 GMT-0700 (Mountain Standard Time)
ssh user@machine.infineon.com -i C:/Users/user/.ssh/id_ed25519
```
## VSCode
- Install VSCode extension ms-vscode-remote.remote-ssh
- Add machine to VSCode Remote Explorer
- Example after adding machine to Remote Explorer "C:\Users\phares\.ssh\config"
```conf 1736189363973 = 638717861639730000 = Mon Jan 06 2025 11:49:23 GMT-0700 (Mountain Standard Time)
Host mestsa003.infineon.com
HostName mestsa003.infineon.com
User mesphares
IdentityFile C:/Users/phares/.ssh/id_ed25519
Host mestsa05ec.infineon.com
HostName mestsa05ec.infineon.com
User mesphares
IdentityFile C:/Users/phares/.ssh/id_ed25519
Host mestsa07ec.infineon.com
HostName mestsa07ec.infineon.com
User mesphares
IdentityFile C:/Users/phares/.ssh/id_ed25519
Host messa010ec.infineon.com
HostName messa010ec.infineon.com
User mesphares
IdentityFile C:/Users/phares/.ssh/id_ed25519
```
Reference in New Issue View Git Blame Copy Permalink