Setting up Password Free SSH from Linux to Windows 10 - ssh

I'm trying to set up a password free ssh path from a Linux server to a Windows machine. I currently have MobaSSH running on the Windows machine. I can ssh from the Linux server to the Windows machine and execute commands just fine, but I have to enter a password.
I created a public RSA key on the Linux system and, using WinSCP, copied the file over to the C:\Users\MyUserName\.ssh folder and restarted the MobaSSH service on the Windows machine.
It still won't let me ssh in without a password. What am I missing here? Any help vastly appreciated.

OpenSSH is available for Windows 10 and has worked very reliably for me. I can consistently connect from a Linux machine without a password. Here is how to set it up.
upgrade to Windows 10 version 1809 or higher
check via: powershell -c "(Get-Item 'HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion').GetValue('ReleaseID')"; see also systeminfo | findstr /B /C:"OS Name" /C:"OS Version" for Pro vs. Home, build number
upgrade via Windows Update settings or Download Windows 10 (the latter works around an issue where some systems are stuck at 1803)
install SSH client and server (as administrator; source) - in Windows PowerShell:
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
Start-Service sshd # remote login should be possible following this command
Set-Service -Name sshd -StartupType 'Automatic'
Get-NetFirewallRule -Name *ssh* # there should be a firewall rule named "OpenSSH-Server-In-TCP" # optional
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0 # optional
enabling public key login for administrators (source) - from Linux command-line:
scp ~/.ssh/id_rsa.pub administrator@remote_computer_name:'C:\ProgramData\ssh\administrators_authorized_keys' # if using an alternate method, ensure file is not UTF-16 encoded
icacls C:\ProgramData\ssh\administrators_authorized_keys /remove "NT AUTHORITY\Authenticated Users"
icacls C:\ProgramData\ssh\administrators_authorized_keys /inheritance:r
get-acl C:\ProgramData\ssh\ssh_host_dsa_key | set-acl C:\ProgramData\ssh\administrators_authorized_keys
enabling public key login for non-administrators - in Windows PowerShell:
Install-Module -Force OpenSSHUtils -Scope AllUsers # for: Repair-AuthorizedKeyPermission
cd C:\Users\...
ssh-keygen # create ~/.ssh
# add key(s) to ~/.ssh/authorized_keys
$ConfirmPreference = 'None'; Repair-AuthorizedKeyPermission -FilePath .ssh\authorized_keys
# if above fails, try Set-ExecutionPolicy Unrestricted -Scope CurrentUser; see also https://github.com/PowerShell/Win32-OpenSSH/issues/1245#issuecomment-440388604
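The answer's warning that the key file must not be UTF-16 encoded can be checked on the Linux side before the file is copied. The script below is an added example, not part of the original answer; the function name, return codes and sample keys are constructed for illustration.

```bash
#!/bin/sh
# Pre-flight check for a key file that will be copied to
# administrators_authorized_keys or ~/.ssh/authorized_keys on Windows.
# Return codes are this script's own convention:
#   0 ok, 1 missing/empty, 2 UTF-16 content, 3 a line that is not a key.

# Expected line layout: [options] keytype base64 [comment]
KEY_RE='(^|[[:space:]])(ssh-(rsa|ed25519|dss)|ecdsa-sha2-nistp(256|384|521)|sk-(ssh-ed25519|ecdsa-sha2-nistp256)@openssh\.com)[[:space:]]+[A-Za-z0-9+/]+=*([[:space:]]|$)'

check_authorized_keys() {
    f=$1
    [ -s "$f" ] || { echo "missing or empty: $f" >&2; return 1; }

    # UTF-16 shows up as a byte-order mark (ff fe / fe ff) or, without a
    # BOM, as NUL bytes between the ASCII characters.
    bom=$(od -An -tx1 -N2 "$f" | tr -d ' \n')
    total=$(wc -c < "$f")
    no_nul=$(tr -d '\000' < "$f" | wc -c)
    if [ "$bom" = fffe ] || [ "$bom" = feff ] || [ "$total" -ne "$no_nul" ]; then
        echo "UTF-16 content in $f: re-save it as ASCII or UTF-8" >&2
        return 2
    fi

    # Ignore CRs, blank lines and comments; every other line must hold a key.
    bad=$(tr -d '\r' < "$f" | grep -Ev '^[[:space:]]*(#|$)' | grep -Evc "$KEY_RE" || true)
    if [ "$bad" -ne 0 ]; then
        echo "$bad line(s) in $f do not look like public keys" >&2
        return 3
    fi
    return 0
}

# Demo on constructed samples (the key material is made up, not a real key).
demo() {
    d=$(mktemp -d)
    printf 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleNotARealKey admin@linux\n' > "$d/ok.pub"
    printf '\377\376s\000s\000h\000-\000r\000s\000a\000' > "$d/utf16.pub"
    for f in "$d/ok.pub" "$d/utf16.pub"; do
        if check_authorized_keys "$f"; then echo "ok:       $f"; else echo "rejected: $f"; fi
    done
    rm -rf "$d"
}
demo
```

Run `check_authorized_keys ~/.ssh/id_rsa.pub` before the scp step; the UTF-16 case typically comes from a file written on the Windows side with Windows PowerShell 5.1 redirection.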

Related

SSH Permission Denied WindowsPowerShell

I'm trying to connect to my Jetson Nano from Windows 10 via ssh. If I use my Ubuntu PC everything works fine, but if I use my Windows 10 laptop I see this error:
Permission denied, please try again.
After I type in the correct Password.
Thank you all for your Time and Help
Check for the pwsh executable path first:
Get-Command pwsh | select Source
This will give you the path of PowerShell Core.
Get-Command powershell | select Source
This command, on the other hand, will return the path of the earlier version of PowerShell,
i.e. PowerShell version 5 etc.
I was also having the same issue. After I blindly copied a command from a blog post and executed it:
New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Program Files\PowerShell\7\pwsh.exe" -PropertyType String -Force
I scratched my head for more than 10 hours.
Then I did a debug run of sshd with this command on the Windows 10 host:
sshd -d
and tried to connect from my Linux machine as usual:
ssh james@192.168.1.123
I saw this line in my Windows debug prompt:
User james not allowed because shell c:\\program files\\powershell\\7\\pwsh.exe does not exist
So I executed this command again with the modified path to the PowerShell 7 executable:
New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Program Files\WindowsApps\Microsoft.PowerShell_7.2.1.0_x64__8wekyb3d8bbwe\pwsh.exe" -PropertyType String -Force
and it fixed my problem.
Open the terminal
Start ssh-agent: eval $(ssh-agent -s)
Add a key to the ssh-agent (if prompted, enter the password):
ssh-add ~/.ssh/id_rsa
Test the connection: ssh -T git@github.com
Clone the repo: git clone git@github.com:antonykidis/Setup-ssh-for-github.git
Enjoy
Important:
Every time you start a new Terminal instance:
You will have to call ssh-agent.
Add RSA key to the ssh-agent.
Loop through these steps every time you close/open the terminal.
Because the terminal “loses” ssh-agent with its keys on every session.
Check this information:
Open C:\Program Files\Git\etc\ssh\ssh_config (if that’s where you installed Git)
Add lines
Host github.com or ubuntu host machine
IdentityFile ~/.ssh/
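One way to avoid repeating the ssh-agent steps in every new terminal is to let the shell start-up file reuse a running agent. This is an added example, not part of the answer above; AGENT_ENV, SSH_ADD, SSH_AGENT and the function names are this example's own, and the saved environment file is created owner-only because it points at the agent's socket.

```bash
# For ~/.bashrc (Git Bash or Linux): reuse one ssh-agent across terminals.
# AGENT_ENV, SSH_ADD and SSH_AGENT are names chosen for this example.
AGENT_ENV=${AGENT_ENV:-$HOME/.ssh/agent.env}
SSH_ADD=${SSH_ADD:-ssh-add}
SSH_AGENT=${SSH_AGENT:-ssh-agent}

# ssh-add -l exits 0 when the agent holds keys, 1 when it holds none,
# and 2 when no agent can be reached.
agent_state() {
    $SSH_ADD -l >/dev/null 2>&1 && echo 0 || echo $?
}

# Pick up SSH_AUTH_SOCK / SSH_AGENT_PID saved by an earlier terminal.
agent_load_env() {
    [ -f "$AGENT_ENV" ] && . "$AGENT_ENV" >/dev/null
}

# Start a new agent and save its environment, readable by the owner only.
agent_start() {
    rm -f "$AGENT_ENV"
    (umask 077; $SSH_AGENT -s > "$AGENT_ENV") || return 1
    . "$AGENT_ENV" >/dev/null
}

# ensure_agent [KEYFILE...]: afterwards an agent is reachable and has a key.
ensure_agent() {
    agent_load_env || true
    case $(agent_state) in
        0) ;;                                  # agent up, key already loaded
        1) $SSH_ADD "$@" ;;                    # agent up, no key yet
        *) agent_start && $SSH_ADD "$@" ;;     # no agent: start one, add key
    esac
}

# In ~/.bashrc, finish with:  ensure_agent ~/.ssh/id_rsa
```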

How to access a folder via SMB protocol from ASP Net Core [duplicate]

I am trying to setup a script that will:
Connect to a windows share
Using LOAD DATA LOCAL INFILE, upload the two files into their appropriate db tables
Umount share
Situation:
I can currently vpnc into this remote machine
Problem:
I cannot
mount -t cifs //ip.address/share /mnt/point -o username=u,password=p,port=445
mount error(110) Connection timed out
I am attempting to do this manually first
Remote server is open to port 445
Questions:
Do I even need to vpnc in first?
Do I need to do route add for the remote ip/mask/gw after vpnc?
Thank you!
The mount.cifs file is provided by the samba-client package. This can be installed from the standard CentOS yum repository by running the following command:
yum install samba samba-client cifs-utils
Once installed, you can mount a Windows SMB share on your CentOS server by running the following command:
Syntax:
mount.cifs //SERVER_ADDRESS/SHARE_NAME MOUNT_POINT -o user=USERNAME
SERVER_ADDRESS: Windows system’s IP address or hostname
SHARE_NAME: The name of the shared folder configured on the Windows system
USERNAME: Windows user that has access to this share
MOUNT_POINT: The local mount point on your CentOS server
I am mounting to a share from \\10.11.10.26\snaps
Make a directory under mount for your reference
mkdir /mnt/mymount
Now I am mounting the snaps folder from indiafps02, User name is the Domain credentials, i.e. Mydomain in this case
mount.cifs //10.11.10.26/snaps /mnt/mymount -o user=Girish.KG
Now you could see the content by typing
ls /mnt/mymount
So, after performing your task, just fire umount command
umount /mnt/mymount
That's it. You are done.
There is no need to install "samba" and "samba-client", only "cifs-utils", using the command
yum install cifs-utils
After that, in Windows, share the folder you would like to mount in CentOS if you didn't do that already ("c:\interpub\wwwroot" in my case).
Make sure you share it with a specific username whose password you know ("netops" in my case).
Create a directory in CentOS into which you would like to mount the Windows share ("/mnt/cm" in my case).
After that, run this simple command as root:
mount.cifs //10.16.0.160/wwwroot /mnt/cm/ -o user=netops
CentOS will prompt you for the Windows user's password.
You are done.
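For the unattended script the question describes, a password prompt is not usable and `password=p` on the mount command line is visible in the process list and shell history. The skeleton below is an added example, not part of either answer; it uses the `credentials=` option of mount.cifs, and the function names and the read-only mount are this example's choices.

```bash
#!/bin/sh
# Script skeleton for the mount / load / unmount job, with the SMB password
# kept in a root-only credentials file instead of the mount command line.
# mount.cifs reads username=, password= and domain= lines from the file
# named by its credentials= option.

# write_cifs_credentials FILE USER [DOMAIN]   (password is read from stdin)
write_cifs_credentials() {
    cred=$1; user=$2; domain=${3:-}
    IFS= read -r pass || [ -n "$pass" ] || return 1
    rm -f "$cred"                       # never keep an older, looser file
    (
        umask 077                       # create the file as 0600
        {
            printf 'username=%s\n' "$user"
            printf 'password=%s\n' "$pass"
            [ -z "$domain" ] || printf 'domain=%s\n' "$domain"
        } > "$cred"
    )
    unset pass
}

# mount_share SERVER SHARE MOUNTPOINT CREDFILE: needs root and cifs-utils.
mount_share() {
    mkdir -p "$3" &&
    mount -t cifs "//$1/$2" "$3" -o "credentials=$4,ro"
}

# run_job SERVER SHARE MOUNTPOINT CREDFILE COMMAND...
# Mounts, runs COMMAND, and always unmounts, even when COMMAND fails.
run_job() {
    mnt=$3
    mount_share "$1" "$2" "$3" "$4" || return 1
    shift 4
    status=0
    "$@" || status=$?
    umount "$mnt"
    return "$status"
}

# Example call (as root), using the second answer's share:
#   run_job 10.16.0.160 wwwroot /mnt/cm /root/.smbcred ls /mnt/cm
```

A credentials file also handles passwords containing a comma, which the `-o` option list cannot parse.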

Properly set SSH home in GitPortable

I would very much like to take my Git install with me wherever I go, so I have installed GitPortable via PortableApps.
Unfortunately, the OpenSSH utilities available in git-bash insist on placing/searching for the .ssh folder in a nonsensical place (C/.ssh).
Now, I have seen others with the same problem, but the solution generally was to set HOME as a Windows environment variable. But this is not working for me.
From the usual Windows command prompt:
C:\Users\snb>echo %HOME%
C:\Users\snb
Showing that the environment variable is apparently set correctly.
From git-bash:
snb@SNB-WORKSTATION /c/Users/snb
$ echo $HOME
C:\Users\snb
Showing that git-bash agrees. However if I test out an SSH command, OpenSSH has the completely wrong idea of where to locate the .ssh folder:
snb@SNB-WORKSTATION /c/Users/snb
$ ssh -T git@bitbucket.org
Could not create directory 'C/.ssh'.
The authenticity of host 'bitbucket.org (131.103.20.167)' can't be established.
RSA key fingerprint is 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40.
Are you sure you want to continue connecting (yes/no)?
I'm at a loss at what to do to make OpenSSH in the GitPortable installation understand where my home directory is. Do you have any ideas other than giving in and just installing Git for Windows?
EDIT:
The OpenSSH version is:
$ ssh -V
OpenSSH_6.6.1p1, OpenSSL 1.0.1i 6 Aug 2014
The command uses the correct .ssh folder location in a Windows command prompt when using git-cmd.bat:
C:\Users\snb>ssh -T git@bitbucket.org
The authenticity of host 'bitbucket.org (131.103.20.168)' can't be established.
RSA key fingerprint is 97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'bitbucket.org,131.103.20.168' (RSA) to the list of known hosts.
Enter passphrase for key '/c/Users/snb/.ssh/id_rsa':
But I truly hate cmd.exe, I need this to work for git-bash! :)
The SSH command git-bash uses is:
$ which ssh
/bin/ssh
The /bin folder is located inside the GitPortable installation, so this would be the OpenSSH version distributed with GitPortable.
This GitPortable is based on msysgit PortableGit-1.9.5-preview20141217 github commit
The proper path for HOME in a bash session should be set with:
export HOME=/c/Users/snb
That would make it compatible with ssh in a unix shell.
Using posix path seems safer considering Git is running on top of a posix run-time environment.

TortoiseGit with openssh key not authenticating using ssh-agent

I'm setting up a git environment on Windows XP (msysGit 1.7.11, TortoiseGit 1.7.14) and trying to achieve following points :
ssh connection on a port different than default 22
ssh authentication handled by ssh-agent
So I create a ~/.ssh/config file :
Host gitbox
User gitolite
Hostname XX.XX.XX.XX
Port 154
PreferredAuthentications publickey
IdentityFile "/c/Documents and Settings/kraymer/.ssh/id_rsa"
When using the git bash CLI, everything works as intended.
I'm struggling with TortoiseGit.
I first installed TortoiseGit with Plink and using Pageant to load ssh private key. The automatic authentication (Pageant) worked but setup was a fail as TortoiseGit doesn't recognize git repos url formatted as gitolite@gitbox/repo.git.
I then decided to install TortoiseGit using openssh client, so the config file can be read by the ssh client, and to mimic the git CLI setup.
I picked the ssh.exe shipped with msys git as ssh client in TortoiseGit settings.
When doing a git pull, the remote url is now resolved but the passphrase password is asked while I expect ssh-agent automatic authentication to occur.
Is it possible to make TortoiseGit work with ssh-agent ?
Or make TortoiseGit (Plink) aware of .ssh/config ?
Edit #1
Following @VonC's advice I configured my $HOME variable.
When I click Show environment variables in TortoiseGit I now have :
HOME=C:\Documents and Settings\kraymer
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\kraymer
But git pull still requires that I enter the passphrase.
No tweaks needed.
Just make TortoiseGit point to the same ssh client used by git itself.
This should be C:\Program Files\Git\usr\bin\ssh.exe in latest version of Git as mentioned by Aleksey Kontsevich in the comments.
I first installed TortoiseGit with Plink and using Pageant to load ssh private key. The automatic authentication (Pageant) worked but setup was a fail as TortoiseGit doesn't recognize git repos url formatted as gitolite@gitbox/repo.git.
I finally found a workaround which consist to create a PuTTY session with the same name that the ssh alias (ie gitbox in the question).
This way I can clone as git clone gitbox/monrepo in the CLI and the origin syntax is correctly handled by TortoiseGit.
Windows10 System
#TortoiseGit
In Network Section
From : C:\Program Files\TortoiseGit\bin\TortoiseGitPlink.exe
To : "C:\Users\{user}\AppData\Local\Programs\Git\usr\bin\ssh.exe"
There seems to be a whole variety of options to solve this. As none of the above have worked for me, I thought I'd share what helped for me.
In Settings... -> Network -> SSH -> SSH client, set the client to C:\Program Files\TortoiseGit\bin\TortoiseGitPlink.exe. Using Pageant, you're then automatically authenticated as expected, otherwise you are prompted for your private key passphrase. Make sure the "Autoload Putty Key" option is checked in the push dialog.
1) Cygwin
Use approach described in the following article:
https://help.github.com/articles/working-with-ssh-key-passphrases
Password will be asked only once on the cygwin session startup.
!!! Before exiting the cygwin session don't forget to kill the ssh-agent process (use ps to find the process PID and kill -9).
We are using a separate approach for cygwin, because cygwin for some reason doesn't see processes started externally in the Windows environment.
2, 3) MsysGit, TortoiseGit
Useful link:
http://dogbiscuit.org/mdub/weblog/Tech/WindowsSshAgent
Install MsysGit.
Install TortoiseGit (check openssh instead of plink during installation).
!!! Check systems variables. If there is GIT_SSH variable present - remove it.
Go to TortoiseGit->Settings->General
Set Git exe Path to /bin
Set External dll path to /mingw/bin
Go to TortoiseGit->Settings->Network
Set SSH Client property to /bin/ssh.exe
Define system variable SSH_AUTH_SOCK=C:\temp.ssh-socket
Start cmd.exe and execute the following commands (since we installed MsysGit, all the following commands are accessible in cmd - /bin is added to the system PATH variable):
# the following command is required to avoid the "Address already bind" message when ssh-agent is not started yet but .ssh-socket exists after a previous agent session
rm "%SSH_AUTH_SOCK%"
# Starting ssh-agent
ssh-agent -a "%SSH_AUTH_SOCK%"
# Adding our openssh key
ssh-add "%USERPROFILE%\.ssh\id_rsa"
# Type password for your key
That's it. From that moment you can execute git push, git pull from TortoiseGit and MsysGit without prompting passphrase.
When ssh-agent is no longer required you can kill it through windows task manager.
None of the above answers worked for me.
I created this batch file to solve the problem.
CALL "C:\Program Files\Git\cmd\start-ssh-agent.cmd"
SETX SSH_AUTH_SOCK "%SSH_AUTH_SOCK%"
SETX SSH_AGENT_PID "%SSH_AGENT_PID%"
Run this once, and enter your passphrase.
Then you can use tortoisegit with openssh without having to enter your passphrase for every operation.
Make sure to launch your TortoiseGit in an environment where HOME is defined, and reference the parent directory of .ssh.
This is important since, on Windows, HOME isn't defined by default.
See as an example: "Auth fails on Windows XP with git and tortoisegit".
(Other possible sources: "How to I tell Git for Windows where to find my private RSA key?")
Since the explanations here are a bit outdated, I decided to post my solution.
I am using Git Bash and TortoiseGit 2.8.0 in Windows 10, which are common nowadays.
I set ssh.exe as SSH client in Settings->Network as explained in previous posts.
I created a script with the following commands, as explained in a previous comment. You might also want to set a HOME environment variable, in case your system does not do it automatically. Assuming your home is in drive H:\ you can add the following lines:
SETX HOME /h
CALL "C:\Program Files\Git\cmd\start-ssh-agent.cmd"
SETX SSH_AUTH_SOCK "%SSH_AUTH_SOCK%"
SETX SSH_AGENT_PID "%SSH_AGENT_PID%"
I added the script using Win logo+R shell:startup to the startup folder. Alternatively, you can add the script to the registry to guarantee that it runs before other processes:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Make sure to type exit to close the console and allow for the variable to be set for future processes.
If you use RSA keys in repositories, add at the end of the script as described above:
CALL "C:\Program Files\Git\cmd\start-ssh-agent.cmd"
...
"C:\Program Files\Git\usr\bin\ssh-add" ~/.ssh/myid.rsa
Works with Git 2.24.0, TortoiseGit 2.9.0, Windows 10 and without using any PuTTY.

Cannot execute commands on Windows server over SSH session with Plink

I am trying to use Plink for running commands on a remote server. Both the local and remote machines are Windows. Though I am able to connect to the remote machine using Plink, I am not able to use the '-m file' option. I tried the following three ways but to no avail:
Try 1:
plink.exe -ssh -pw mypwd john.doe@server -m file.txt
Output:
Could not chdir to home directory /home/john.doe: No such file or directory
dir: not found
'file.txt' only contains one command i.e., dir
Try 2:
plink.exe -ssh -pw mypwd john.doe@server dir
Output:
Could not chdir to home directory /home/john.doe: No such file or directory
dir: not found
Try 3:
plink.exe -ssh -pw mypwd john.doe@server < file.txt
In this case, I get the following output:
Using username "john.doe".
****USAGE WARNING****
This is a private computer system. This computer system, including all
..... including personal information, placed or sent over this system
may be monitored.
Use of this computer system, authorized or unauthorized, constitutes consent
... constitutes consent to monitoring for these purposes.
dirCould not chdir to home directory /home/john.doe: No such file or directory
Microsoft Windows [Version x.x.xxx]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Program Files\OpenSSH>
After I get the above prompt, it hangs. Any help in this regard?
It seems like plink -m is working fine: the commands from file.txt are being sent to the server.
However, your SSH server is running a shell (probably bash because OpenSSH for Windows uses Cygwin) that does not understand the commands you are using, like move and dir, because bash implements its own versions of those commands (mv and ls, respectively). As you discovered, you need to run cmd.exe /C out of the Windows directory for your SSH server to correctly interpret the meaning of your commands. The other option is to use the bash versions of the commands directly.
This is working now.
plink -ssh -pw xxx john.doe@server cmd.exe /c move c://sample//jd//file.txt c://test//
You are using OpenSSH over Cygwin on your Windows server.
The Cygwin emulates Unix environment on Windows.
So you have to use Unix, not Windows commands (e.g. mv not move or rename)
And you need to use Unix-like paths, not Windows paths (forward slashes in particular).
Moreover, your server seems wrongly configured.
Could not chdir to home directory /home/john.doe: No such file or directory
This is likely an incorrectly configured account. The error is not related to the commands you are executing.