From e95506a6979d0ba3da649838d88b093a293cd56b Mon Sep 17 00:00:00 2001 From: bagajjal Date: Wed, 26 Aug 2020 10:00:21 -0700 Subject: [PATCH] Created Setup public key based authentication for windows (markdown) --- ...ic-key-based-authentication-for-windows.md | 42 +++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 Setup-public-key-based-authentication-for-windows.md diff --git a/Setup-public-key-based-authentication-for-windows.md b/Setup-public-key-based-authentication-for-windows.md new file mode 100644 index 0000000..ca2747d --- /dev/null +++ b/Setup-public-key-based-authentication-for-windows.md @@ -0,0 +1,42 @@ +## On the client machine, create the public/private key pair. +1) cd to + +2) Create the key pair. + + `ssh-keygen.exe -t rsa -f $env:USERPROFILE\.ssh\id_rsa` + + _Enter the passphrase (or) hit enter to skip the passphrase._ + + +## On the server machine, execute the below commands. + +1) Open the PowerShell window. **Admin users require elevated PowerShell window**. + +2) Manually copy the public key to the server machine. + +3) If you are an admin user and using default sshd_config then + + i. Copy the public key + + `cp "$env:programdata\ssh\administrators_authorized_keys"` + + _Please note administrators_authorized_keys is the file name without any extension._ + + ii. set the right ACLs. + + `get-acl "$env:programdata\ssh\ssh_host_rsa_key" | set-acl "$env:programdata\ssh\administrators_authorized_keys"` + + +4) For non-admin users, + + copy the public key to authorized_keys file (without any extension). + + cp $env:USERPROFILE\.ssh\authorized_keys + _If you don't have .ssh folder under $env:USERPROFILE folder then manually create it_ + +## From the client machine, try the key-based authentication + + ssh user@domain@ip -i (Domain users) + ssh user@ip -i (local users) + +_Please note, if you have private_key in "$env:USERPROFILE\\.ssh" directory then you don't need to pass the private_key_absolute_path_