Port 25 - Communications from the open source community at Microsoft
< Back to Blogs
Technical Analysis: Remote Administration of Windows Systems with SSH by jcannon on June 11, 2008 11:22AM

Abstract: SSH has largely replaced Telnet for remote administration of UNIX and Linux systems, but has not yet been used much on Windows. SSH is generally considered to be more secure than Telnet and the Berkeley remote commands (rlogin, etc). This paper uses SSHWindows, a minimal package of Cygwin and OpenSSH. It is available from http://sshwindows.sourceforge.net. The paper is written such that an average Windows system administrator can get an SSH server up while understanding how to make use of security features.

Download Remote Administration of Windows Systems with SSH (PDF)

Note: This paper represents testing and documentation in a lab environment. User Account Control (UAC) is an essential security component to Windows and Microsoft does not recommend turning off UAC in production environments.

Attachment: Remote Administration of Windows.pdf
Comments RSS
  1. Pit said:

    SSH shouldn't be used on Windows. Install a Linux system to use SSH and live free.

    posted at 10:15AM 06/11/2008
  2. Rich said:

    This paper isn't what's advertised.  It's the earlier paper on using AD Kerberos for *nix SSH authentication.

    posted at 01:44PM 06/11/2008
  3. Ariel said:

    The download link does not go to a document titled "Remote Administration of Windows Systems with SSH "

    posted at 03:32PM 06/11/2008
  4. jcannon said:

    Ariel & Pit - the URL was incorrectly set, I've since fixed it. Thank you for calling this to our attention.

    posted at 05:34PM 06/11/2008
  5. Pablo said:

    It would be great, since MS is committed to Security, if they start to ship OpenSSH on Windows Services for Unix.

    Instead they still ship Telnet :(

    posted at 11:55AM 06/16/2008
  6. angelos said:

    Also note that with a little patch SSH can be made to log all traffic to and from the administrator , thus making the remote actions auditable.

    posted at 08:15AM 06/17/2008
  7. Lionel said:

    Actually, there is a catch with sshd on Windows that is not highlighted in this analysis: public key auth bypasses the documented Windows logon (which requires a password or some kind of secret data).  This can show up as problems accessing network shares, certificates or EFS-encrypted files.

    posted at 01:30PM 06/17/2008
  8. Cristi said:

    Okay, sshd runs on windows, so what? You can do next to nothing with Windows' CLI.

    posted at 05:40AM 06/20/2008
  9. rj24x7 said:

    Windows is trying to become more UNIX-like and that's scary.

    posted at 01:17PM 06/21/2008
  10. Kit Gerrits said:

    If you can do next to nothing on the Windows CLI, you should stay away from it.

    I've performed server migrations from the CLI (with a tiny bit of 'clicking').

    Try looking into 'help' and especially 'net'

    posted at 11:45AM 06/25/2008
Post a Comment
*
*  

Server Center

Search
About jcannon

jcannon My first interaction with computers was in... More...

Read jcannon's Posts Subscribe tojcannon's Posts
Recent Posts by jcannon
 
Archive