Last active
October 28, 2023 10:37
-
-
Save aruaam/942073b358ab74ad9668380f068652c0 to your computer and use it in GitHub Desktop.
How to configure passwordless SSH access to a Windows host
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Run commands in PowerShell as admin | |
| # Remove default ssh components (restart is needed afterwards) | |
| # Do not run this on a production server if OpenSSH is already in use there | |
| Remove-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0 | |
| Remove-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 | |
| # Install fresh openssh server with Chocolatey | |
| choco install openssh -params '"/SSHServerFeature /KeyBasedAuthenticationFeature /SSHAgentFeature"' -y | |
| # Add client's public key to administrators_authorized_keys and fix permissions | |
| # Replace 'your_admin' with the admin username used on your server | |
| $authorizedKey = Read-Host "Enter SSH public key from the client" | |
| Add-Content -Force -Path $env:ProgramData\ssh\administrators_authorized_keys -Value $authorizedKey | |
| icacls.exe ""$env:ProgramData\ssh\administrators_authorized_keys"" /inheritance:r /grant ""Administrators:F"" /grant ""SYSTEM:F"" | |
| icacls.exe ""$env:ProgramData\ssh\administrators_authorized_keys"" /setowner ""your_admin"" | |
| # Uninstall command if it's necessary to repeat the procedure | |
| choco uninstall openssh -params '"/SSHServerFeature /KeyBasedAuthenticationFeature /SSHAgentFeature"' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment