diff --git a/ssh.exe-examples.md b/ssh.exe-examples.md index bf90a00..e3c312b 100644 --- a/ssh.exe-examples.md +++ b/ssh.exe-examples.md @@ -1,45 +1,42 @@ -##### Login With Password: -1. Work Group Users: +## Login With Password + +1. Workgroup users * `ssh user@host` -2. Domain Users: Domain needs to be explicitly specified. Any of the following formats would work: +2. Domain users: Domain needs to be explicitly specified. Any of the following formats work * `ssh -l user@domain host` * `ssh domain\user@host` * `ssh user@domain@host` +## Login With SSH Keys -##### Login With SSH Keys -**Setup Server machine** -*** -1. Copy `id_rsa.pub` (client's public key) to corresponding user's directory on ssh server machine - * as `%systemdrive%\users\\.ssh\authorized_keys` (path on the ssh server machine) -2. Make sure the authorized_keys file is [secured][Secure file] (you make need to re-ACL it if it is not.) and "NT Service\sshd" has Read access to it -``` - $authorizedKeyPath = "%systemdrive%\users\\.ssh\authorized_keys" - $acl = get-acl $authorizedKeyPath - $ar = New-Object System.Security.AccessControl.FileSystemAccessRule("NT Service\sshd", "Read", "Allow") - $acl.SetAccessRule($ar) - Set-Acl $authorizedKeyPath $acl +### Setup server-side (`sshd`) + +1. Copy `id_rsa.pub` (client's public key) to corresponding user's directory on the SSH server at `%systemdrive%\Users\\.ssh\authorized_keys` +2. Make sure the authorized_keys file is [secured][Secure file] (you may need to re-ACL it) and "NT Service\sshd" has Read access to it +```powershell +$authorizedKeyPath = "%systemdrive%\users\\.ssh\authorized_keys" +$acl = Get-Acl $authorizedKeyPath +$ar = New-Object System.Security.AccessControl.FileSystemAccessRule("NT Service\sshd", "Read", "Allow") +$acl.SetAccessRule($ar) +Set-Acl $authorizedKeyPath $acl ``` -**Usage from Client machine** -*** +### Usage from client-side 1. Generate a key pair on the client: * `ssh-keygen -t rsa -f id_rsa` - * if existing key pair generated by ssh-keygen.exe before build [v0.0.13.0][build13] are used, make sure they are [secured][Secure file]. + * If you're using an existing key pair generated by `ssh-keygen` before installing build [v0.0.13.0][build13], make sure they are [secured][Secure file]. 2. Register [secured][Secure file] private key with ssh-agent (for single sign-on experience) * `net start ssh-agent` * `ssh-add id_rsa` -3. Login using [secured][Secure file] private key. - * `ssh -i .\id_rsa user@host` (work group user) +3. Login using [secured][Secure file] private key + * `ssh -i .\id_rsa user@host` (workgroup user) * `ssh -i .\id_rsa -l user@domain host` (domain user) +### For Unix and Linux users - -##### For Unix and Linux users - -The [Modern Unix Rosetta Stone](https://certsimple.com/rosetta-stone) includes Powershell examples of common Unix and Linux commands. +The [Modern Unix Rosetta Stone](https://certsimple.com/rosetta-stone) includes PowerShell examples of common Unix and Linux commands. [Secure file]: https://github.com/PowerShell/Win32-OpenSSH/wiki/Security-protection-of-various-files-in-win32-openssh [build13]: https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v0.0.13.0 \ No newline at end of file