from Hacker News

OpenSSH for Windows update

by ghurlman on 10/19/15, 8:32 PM with 138 comments

• by nailer on 10/19/15, 8:39 PM

  > Leverage Windows crypto api’s instead of OpenSSL/LibreSSL and run as Windows Service

  Was wondering about that. I'm surprised the OpenBSD team is accepting the commits - something so fundamental and Windows specific doesn't seem like their kind of thing - but great!

  PS. If you're coming from a Unix background and interested in learning posh: https://certsimple.com/rosetta-stone

• by kasabali on 10/19/15, 8:48 PM

  > Address POSIX compatibility concerns

  Best way to address POSIX compatibility concerns is implementing a proper POSIX layer in Windows (and not in a half-baked manner like the now deprecated SUA). I can't imagine how it would hurt anybody.

• by ryanprichard on 10/19/15, 11:40 PM

  Will this OpenSSH server be able to run interactive console programs (like cmd.exe or python.exe), or will it be limited to (say) PowerShell?

  Windows doesn't have a good API for hosting a console--it's not like Unix, where a pty has a master end and a slave end. Trying to run a console program in mintty.exe (https://github.com/mintty/mintty/issues/56) or Cygwin SSHD fails for this reason. I wrote a tool, winpty, that makes a best-effort attempt to emulate a Unix pty master by scraping the console buffer, but it has some limitations, so I'm not sure Microsoft would want to use it. Maybe they would expand the console API?

• by martin1975 on 10/20/15, 2:30 AM

  Never was much of a windows fan, so a (slightly ignorant) question for someone who is a Win admin - can most administrative things nowadays be done via the command line on Windows (like we've been able to do in *nix land) or is there a gap between what can be done via the GUI vs the command line?

• by DiabloD3 on 10/19/15, 11:01 PM

  This is very goddamned awesome. All I hope is I can set the default user shell for my account. I already use msys2's zsh for my shell (because I use zsh everywhere, on all OS), and being able to ssh into my Windows machine 'normally' (for me, anyways) would be extremely useful.

• by mavhc on 10/19/15, 8:41 PM

  I suggest making Update update, ie lower case, I was confused as to why Windows Update was getting ssh

• by e12e on 10/20/15, 4:06 AM

  The more things change..., from:

  https://github.com/PowerShell/Win32-OpenSSH/wiki/Deploy-Win3...

  "If you need key-based authentication:

  Install key-auth package

  run setup-ssh-lsa.cmd

  reboot"

  Reboot?

  And this gem: "SSH daemon needs to run as System to support key-based authentication".

  Which means, either use weak authentication, or run the daemon as system. I don't even understand why, it's not like the public keys are particularly sensitive (certainly much less sensitive than being able to check passwords for validity)?

• by csours on 10/19/15, 8:51 PM

  Very off topic - I thought that publically was a mis-spelling, but apparently it may be acceptable now!

  http://english.stackexchange.com/questions/45136/difference-...

• by alpb on 10/19/15, 8:50 PM

  For those interested the source code is here: https://github.com/PowerShell/Win32-OpenSSH/

• by gionn on 10/19/15, 8:44 PM

  I am waiting the moment when I can throw away WinRM and SSH to all the servers.

• by cakes on 10/19/15, 9:18 PM

  I'm interested in how this is going to work in PowerShell with the way everything works now, if there happen to be any details about that (whether here, somewhere else, or a past link)?

• by andrewstuart on 10/19/15, 10:55 PM

  It would be good if there was a good free terminal for Windows. The only option is putty.

• by int_handler on 10/19/15, 10:07 PM

  This is exciting to hear.

  I might be overly nitpicky, but holy inconsistent coding styles Batman: compare https://github.com/PowerShell/Win32-OpenSSH/blob/bafc1df7c5c... to the other source files.

• by doxcf434 on 10/20/15, 6:58 AM

  What's the plan for supporting OpenSSH in the long run? Or is this just a one off port that will become stale after a few years?

• by ams6110 on 10/20/15, 1:15 AM

  I've been running OpenSSH on Windows servers for years, using Cygwin.

• by j_s on 10/20/15, 2:44 AM

  I'm a fan of Bitvise SSH for a Windows SSH server; it's been enough to replace Terminal Services when each employee has their own work machine to remote desktop into.

  It's nice that Microsoft recognizes the need for this functionality; I wonder how they will approach the potential per-client licensing issues they like to bring up with their server OS's.

  https://www.bitvise.com/ssh-server

• by angersock on 10/19/15, 9:13 PM

  Out of curiosity...why run this as a service?

  EDIT: I misread this and though it was only a client. Geez. If it's a server, then of course it should be a service.

• by rm1999 on 10/30/15, 6:41 PM

  A great openssh for windows for the time being. Being using this and it is great, only thing is not able to do powershell from it once connected to host.

  http://www.mls-software.com/opensshd.html#botpage

• by phippsbrad on 10/19/15, 8:55 PM

  I have had really good luck with this open source, native windows, ssh server. http://www.kpym.com/2/kpym/index.htm I have no affiliation with the project, i just thought i'd mention that it is a nice alternative i found.

• by callesgg on 10/19/15, 9:33 PM

  That is great, i have tried some ssh servers for windows they have all been constantly crashing or not working with ssh keys.

• by jamiesonbecker on 10/20/15, 2:18 AM

  Cool. Looks like Userify.com (SSH Key management) will support yet another platform sometime next year.

  (disclaimer: I work there.)

• by voltagex_ on 10/19/15, 9:56 PM

  Interesting, they're still using MinGW. I wonder if they'll ever get it to build under MSVC?

• by meneses on 10/20/15, 4:05 AM

  That's a good engineering project. Lucky team working on it!

• by switch007 on 10/19/15, 9:18 PM

  The comment submit button doesn't even work in Safari. That must have taken some effort to break.