From 2f7c521fb0bc70e1a2e4ab378591a30c1328218a Mon Sep 17 00:00:00 2001 From: Joey Aiello Date: Fri, 16 Oct 2015 15:54:59 -0700 Subject: [PATCH] Changed the flow to make it more clear what applies to key-based auth --- Deploy-Win32-OpenSSH.md | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/Deploy-Win32-OpenSSH.md b/Deploy-Win32-OpenSSH.md index 9f6331d..9447a2e 100644 --- a/Deploy-Win32-OpenSSH.md +++ b/Deploy-Win32-OpenSSH.md @@ -8,17 +8,17 @@ * Open Firewall * start PowerShell * new-netfirewallrule -Protocol TCP -LocalPort 22 -Direction Inbound -Action Allow -DisplayName SSH -* Install key-auth package if you need key-based authentication - * run setup-ssh-lsa.cmd - * reboot -* Run SSH daemon as System (See below for alternative options) - * Download PSTools from [SysInternals](https://technet.microsoft.com/en-us/sysinternals/bb897553) - * psexec.exe -i -s cmd.exe - * Within cmd.exe - launch sshd.exe -* Running SSH daemon as Admin user - * Note - SSH daemon needs to run as System to support key-based authentication - * Give Admin user SE_ASSIGNPRIMARYTOKEN_NAME (steps below) - * secpol.msc -> Local Policies -> UserRightsAssessment - * Add the Admin user to "Replace a process level token" - * Log off and Log in. +* If you need key-based authentication: + * Install key-auth package + * run setup-ssh-lsa.cmd + * reboot + * Run SSH daemon as System (See below for alternative options) + * Download PSTools from [SysInternals](https://technet.microsoft.com/en-us/sysinternals/bb897553) + * psexec.exe -i -s cmd.exe + * Within cmd.exe - launch sshd.exe +* Running SSH daemon as Admin user (Note - SSH daemon needs to run as System to support key-based authentication) + * Give Admin user SE_ASSIGNPRIMARYTOKEN_NAME + * secpol.msc -> Local Policies -> UserRightsAssessment + * Add the Admin user to "Replace a process level token" + * Log off and Log in. * In elevated cmd.exe, start sshd.exe