- Initial setup of OpenSSH. Please follow official instalation documentation from Microsoft.
- Set up the PowerShell as the default shell for SSH:
New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
- Create an account for Perun (<PERUN_USER>) on the target machine (or create as a domain account). It's recomended to load user profile using following command:
Start-Process cmd /c -Credential $credentials -ErrorAction SilentlyContinue -LoadUserProfile
- Allow SSH only for the specific account by adding the following line to end of the %programdata%\ssh\sshd_config file. Official documentation on allowing or denying accounts
# For local account
AllowUsers <PERUN_USER>
- Forbid password authentication by changing sshd_config.
# From
#PasswordAuthentication yes
# To
PasswordAuthentication no
- Copy the public key for Perun to following files in format:
command="& c:\<INSTALLATION_FOLDER>\perun_connector.ps1 $input; exit $LASTEXITCODE" <PUBLIC KEY>
- C:\Users\<PERUN_USER>\.ssh\authorized_keys
- C:\ProgramData\ssh\administrators_authorized_keys
Restart sshd service
Restart-Service sshd
- Test connection
- Install the Perun Connector Link to github...