28/12/2018

Windows Server 2016 install/enable SSH

Windows 10 ve Windows Server 2012 de olmasına rağmen bir feature olarak ssh Windows Server 2016 da mevcut değil. Ancak Server 2019 da tekrar gelmiş. Ancak problem çözülebiliyor 🙂

Öncelikle aşağıda ki linkten SSH klasörünü indiriyoruz. Zip dosyasını açıp içinde ki OpenSSH-Win64 klasörünü “C:\Program Files\” içine koyuyoruz.

https://github.com/PowerShell/Win32-OpenSSH/releases
PS C:\> cd '.\Program Files\OpenSSH-Win64\'
PS C:\Program Files\OpenSSH-Win64> Get-ChildItem
    Directory: C:\Program Files\OpenSSH-Win64
Mode                LastWriteTime         Length Name
----                -------------         ------ ----
-a----       12/27/2018  10:10 PM          17399 FixHostFilePermissions.ps1
-a----       12/27/2018  10:10 PM          15712 FixUserFilePermissions.ps1
-a----       12/27/2018  10:10 PM          15505 install-sshd.ps1
-a----       12/27/2018  10:10 PM        1624200 libcrypto.dll
-a----       12/27/2018  10:10 PM           6326 openssh-events.man
-a----       12/27/2018  10:10 PM          14147 OpenSSHUtils.psd1
-a----       12/27/2018  10:10 PM          42695 OpenSSHUtils.psm1
-a----       12/27/2018  10:10 PM         328328 scp.exe
-a----       12/27/2018  10:10 PM         345080 sftp-server.exe
-a----       12/27/2018  10:10 PM         398984 sftp.exe
-a----       12/27/2018  10:10 PM         501784 ssh-add.exe
-a----       12/27/2018  10:10 PM         397848 ssh-agent.exe
-a----       12/27/2018  10:10 PM         647192 ssh-keygen.exe
-a----       12/27/2018  10:10 PM         544280 ssh-keyscan.exe
-a----       12/27/2018  10:10 PM         162432 ssh-shellhost.exe
-a----       12/27/2018  10:10 PM         883736 ssh.exe
-a----       12/27/2018  10:10 PM         976408 sshd.exe
-a----       12/27/2018  10:10 PM           2143 sshd_config_default
-a----       12/27/2018  10:10 PM          15862 uninstall-sshd.ps1

Sonra içinde mevcut olan kurulum scriptini çalıştırıyoruz.

PS C:\Program Files\OpenSSH-Win64> .\install-sshd.ps1
Do you want to run software from this untrusted publisher?
File C:\Program Files\OpenSSH-Win64\install-sshd.ps1 is published by CN=Microsoft Corporation, O=Microsoft Corporation,
 L=Redmond, S=Washington, C=US and is not trusted on your system. Only run scripts from trusted publishers.
[V] Never run  [D] Do not run  [R] Run once  [A] Always run  [?] Help (default is "D"): R
[SC] SetServiceObjectSecurity SUCCESS
[SC] ChangeServiceConfig2 SUCCESS
[SC] ChangeServiceConfig2 SUCCESS
sshd and ssh-agent services successfully installed

Böylece SSH bir service olarak kurulmuş oluyor. Şimdi agent ve server i etkinleştirip otomatik açılıma ekleyelim.

PS C:\Program Files\OpenSSH-Win64> Set-Service sshd -StartupType Automatic
PS C:\Program Files\OpenSSH-Win64>  Set-Service ssh-agent -StartupType Automatic
PS C:\Program Files\OpenSSH-Win64> Get-Service ssh-agent
Status   Name               DisplayName
------   ----               -----------
Stopped  ssh-agent          OpenSSH Authentication Agent
PS C:\Program Files\OpenSSH-Win64> Start-Service sshd
WARNING: Waiting for service 'OpenSSH SSH Server (sshd)' to start...
WARNING: Waiting for service 'OpenSSH SSH Server (sshd)' to start...
PS C:\Program Files\OpenSSH-Win64> Start-Service ssh-agent
PS C:\Program Files\OpenSSH-Win64> Get-Service ssh-agent
Status   Name               DisplayName
------   ----               -----------
Running  ssh-agent          OpenSSH Authentication Agent

Sonra public ve private keylerimizi oluşturuyoruz.

PS C:\Program Files\OpenSSH-Win64> .\ssh-keygen.exe
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\Administrator/.ssh/id_rsa):
Created directory 'C:\Users\Administrator/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in C:\Users\Administrator/.ssh/id_rsa.
Your public key has been saved in C:\Users\Administrator/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:e7qlx+4NUhr5mfBB51Ctnd4+pLwwGC53V5ADbZNcYwk administrator@WIN-SSFJIO1GBCN
The key's randomart image is:
+---[RSA 2048]----+
|           .+E++.|
|           ..*+..|
|          o o*.. |
|         o +. =  |
|        S.o .. o |
|        .Oo+  o..|
|       .+=O+..o. |
|        o*+o+o ..|
|        +=o ... .|
+----[SHA256]-----+

Ve en sonda da firewall kurallarımızı ekliyoruz.

PS C:\Program Files\OpenSSH-Win64> New-NetFirewallRule -Protocol TCP -LocalPort 22 -Direction Inbound -Action Allow -DisplayName SSH
Name                  : {44d07978-5ce4-4e10-bfc1-e12d7e546036}
DisplayName           : SSH
Description           :
DisplayGroup          :
Group                 :
Enabled               : True
Profile               : Any
Platform              : {}
Direction             : Inbound
Action                : Allow
EdgeTraversalPolicy   : Block
LooseSourceMapping    : False
LocalOnlyMapping      : False
Owner                 :
PrimaryStatus         : OK
Status                : The rule was parsed successfully from the store. (65536)
EnforcementStatus     : NotApplicable
PolicyStoreSource     : PersistentStore
PolicyStoreSourceType : Local
]]>

Leave a Reply