OpenSSH sshd on Windows Subsystem for Linux: Difference between revisions
(10 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
=External= | |||
* https://superuser.com/questions/1112007/how-to-run-ubuntu-service-on-windows-at-startup | |||
* https://superuser.com/questions/1111591/how-can-i-ssh-into-bash-on-ubuntu-on-windows-10 | |||
=Internal= | =Internal= | ||
Line 9: | Line 14: | ||
=Procedure= | =Procedure= | ||
==Installation== | |||
OpenSSH server should be installed by default: /usr/sbin/sshd should exist. | |||
If it is not, download and install the appropriate packages: | |||
dpkg -i ./libssl1.0.2_1.0.2l-2_amd64.deb \ | |||
./openssh-client_7.4p1-10_amd64.deb \ | |||
./libprocps6_3.3.12-3_amd64.deb \ | |||
./libncurses5_6.0+20161126-1_amd64.deb \ | |||
./procps_3.3.12-3_amd64.deb \ | |||
./openssh-server_7.4p1-10_amd64.deb | |||
==UsePrivilegeSeparation== | ==UsePrivilegeSeparation== | ||
Line 15: | Line 33: | ||
UsePrivilegeSeparation no | UsePrivilegeSeparation no | ||
in /etc/ssh/sshd_config. | |||
This is required to prevent sshd startup error that manifests in logs as: | This is required to prevent sshd startup error that manifests in logs as: | ||
Line 31: | Line 51: | ||
No supported key exchange algorithms | No supported key exchange algorithms | ||
=Configure User Access= | ==Configure User Access== | ||
Add allowed public keys in ~/.ssh/authorized_keys | Add allowed public keys in ~/.ssh/authorized_keys | ||
Line 40: | Line 60: | ||
chmod -R go-rwx .ssh | chmod -R go-rwx .ssh | ||
=Start the sshd Server | ==Start the sshd Server== | ||
<syntaxhighlight lang='bash'> | |||
bash | |||
sudo su - | |||
/etc/init.d/ssh start | |||
</syntaxhighlight> | |||
==Passwordless Sudo== | ==Start the sshd Server at Boot== | ||
===Passwordless Sudo=== | |||
Give passwordless sudo privileges the user that is supposed to start the server, by editing the sudo configuration file with visudo. More details: [[Sudo#Allow_a_user_to_run_all_commands_as_root_without_a_password| Allow a user to run commands as root without a password]]. | Give passwordless sudo privileges the user that is supposed to start the server, by editing the sudo configuration file with visudo. More details: [[Sudo#Allow_a_user_to_run_all_commands_as_root_without_a_password| Allow a user to run commands as root without a password]]. | ||
===Windows Startup Script=== | |||
Create autostartssh.vbs with the following content: | |||
set ws=wscript.createobject("wscript.shell") | |||
ws.run "C:\Windows\System32\bash.exe -c 'sudo /etc/init.d/ssh start'",0 | |||
===Automatically Execute the Windows Startup Script at Boot=== | |||
Task Scheduler -> Create Basic Task -> ... | |||
<font color=red>TODO: this did not work, revisit.</font> | |||
==Configure the Windows Firewall== | |||
{{Internal|Windows_Configuration#Add_a_Custom_Rule_that_allows_SSH_Access|Add a Custom Windows Firewall Rule}} | |||
=Status= | =Status= |
Latest revision as of 19:20, 2 July 2018
External
- https://superuser.com/questions/1112007/how-to-run-ubuntu-service-on-windows-at-startup
- https://superuser.com/questions/1111591/how-can-i-ssh-into-bash-on-ubuntu-on-windows-10
Internal
Overview
This article contains the procedure to configure a Windows Subsystem for Linux sshd to start at boot and allow ssh access to the Windows host.
Procedure
Installation
OpenSSH server should be installed by default: /usr/sbin/sshd should exist.
If it is not, download and install the appropriate packages:
dpkg -i ./libssl1.0.2_1.0.2l-2_amd64.deb \ ./openssh-client_7.4p1-10_amd64.deb \ ./libprocps6_3.3.12-3_amd64.deb \ ./libncurses5_6.0+20161126-1_amd64.deb \ ./procps_3.3.12-3_amd64.deb \ ./openssh-server_7.4p1-10_amd64.deb
UsePrivilegeSeparation
Turn UsePrivilegeSeparation off by setting:
UsePrivilegeSeparation no
in /etc/ssh/sshd_config.
This is required to prevent sshd startup error that manifests in logs as:
chroot("/var/run/sshd"): Function not implemented [preauth]
Regenerate Server Keys
Regenerate the server keys following the procedure described here:
This is required to prevent sshd startup error that manifests in the logs as:
debug1: list_hostkey_types: No supported key exchange algorithms
Configure User Access
Add allowed public keys in ~/.ssh/authorized_keys
Set acceptable permissions:
cd ~ chmod -R go-rwx .ssh
Start the sshd Server
bash
sudo su -
/etc/init.d/ssh start
Start the sshd Server at Boot
Passwordless Sudo
Give passwordless sudo privileges the user that is supposed to start the server, by editing the sudo configuration file with visudo. More details: Allow a user to run commands as root without a password.
Windows Startup Script
Create autostartssh.vbs with the following content:
set ws=wscript.createobject("wscript.shell") ws.run "C:\Windows\System32\bash.exe -c 'sudo /etc/init.d/ssh start'",0
Automatically Execute the Windows Startup Script at Boot
Task Scheduler -> Create Basic Task -> ...
TODO: this did not work, revisit.
Configure the Windows Firewall
Status
/etc/init.d/ssh status
Start/Stop
/etc/init.d/ssh start|stop