Monday, July 26, 2004

OpenSSH for Windows

I've pretty much given up on trying to extract the key bits from Cygwin in order to set up an SSHD server. The OpenSSH for Windows project at SourceForge seems to have what I'm looking for; they just don't have the RSync application included.

For an excellent introduction to SSH, check out OpenSSH for the impatient.

To set up OpenSSH on a server, grab the packages from the OpenSSH for Windows SourceForge project. The version that I'm using at the moment is "setupssh381-20040709". Inside that file you'll find a "setupssh.exe", which will install the packages and create the Windows Service. I like to install my copy to "c:\bin\openssh".

Now open up the "c:\bin\openssh\docs\readme.txt" (or quickstart.txt) and follow the directions in order to create the "group" and "passwd" files. Then start up the OpenSSHD service (either from the command line as shown in quickstart.txt or using the Services control panel).

You should now be set up so that you can SSH into the server from another workstation and get a command prompt on the server. The default install is pretty good on security, so you should not need to change anything in the sshd_config file. However, some things you may wish to change are:

1) The default server key-length is 1024 bits (which is okay, but not outstanding anymore). The man page says key lengths over 1024 bits don't matter, but another book says you should use 2048 bit keys.

2) Some key variables in the sshd_config file are:

a) PermitRootLogin - should be set to "no" which prevents you from logging in as root from another machine.

b) RSAAuthentication - setting this to no will disable the ability to log in with an SSH1 client (I think...). The default sshd_config file has this explicitly set to "no".

c) PasswordAuthentication - you may want to change this to "no" and force users to set up a public/private key pair in order to log in to the server.
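
One way to check an existing sshd_config against the three settings listed above (an added example, not part of the original post or the OpenSSH for Windows package). The function names and the sample file contents are constructed for illustration; the parser assumes sshd keeps the first value it reads for a repeated keyword and that keywords are case-insensitive.

```python
import re

# Values the post suggests for the three directives it discusses.
RECOMMENDED = {
    "permitrootlogin": "no",
    "rsaauthentication": "no",
    "passwordauthentication": "no",
}

def parse_sshd_config(text):
    """Return {lowercased keyword: value}, keeping the first occurrence of each."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and commented-out directives do not count
        parts = re.split(r"[ \t=]+", line, maxsplit=1)
        if len(parts) != 2:
            continue  # keyword without a value
        key, value = parts[0].lower(), parts[1].strip().strip('"')
        settings.setdefault(key, value)  # later duplicates are ignored
    return settings

def audit(text):
    """Return (directive, status, value) for each setting that is unset or differs."""
    settings = parse_sshd_config(text)
    findings = []
    for key, want in RECOMMENDED.items():
        have = settings.get(key)
        if have is None:
            findings.append((key, "unset", None))  # server falls back to its default
        elif have.lower() != want:
            findings.append((key, "differs", have))
    return findings

# Constructed sample: one directive commented out, one set twice.
SAMPLE = """\
#PermitRootLogin yes
RSAAuthentication no
PasswordAuthentication yes
passwordauthentication no
"""

if __name__ == "__main__":
    for key, status, value in audit(SAMPLE):
        print(f"{key}: {status} (found {value!r})")
```

To audit a real server, pass the contents of its sshd_config file to audit() in place of SAMPLE. An "unset" finding means the directive is missing or commented out, so the effective value is whatever that sshd build defaults to.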

(note: this post was never completed... so use with a grain of salt)