diff --git a/Gemfile b/Gemfile index 7c80a25..7b2f6ce 100644 --- a/Gemfile +++ b/Gemfile @@ -36,4 +36,5 @@ gem 'jekyll-mentions' gem 'jekyll-seo-tag' gem "jekyll-github-metadata" gem 'jekyll-avatar' -gem 'html-pipeline' \ No newline at end of file +gem 'html-pipeline' +gem "webrick", "~> 1.7" diff --git a/Gemfile.lock b/Gemfile.lock index 400bd8e..3202145 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,30 +1,47 @@ GEM remote: https://rubygems.org/ specs: - activesupport (6.0.3.3) + activesupport (6.0.4) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) zeitwerk (~> 2.2, >= 2.2.2) - addressable (2.7.0) + addressable (2.8.0) public_suffix (>= 2.0.2, < 5.0) colorator (1.1.0) - concurrent-ruby (1.1.7) - em-websocket (0.5.1) + concurrent-ruby (1.1.9) + em-websocket (0.5.2) eventmachine (>= 0.12.9) http_parser.rb (~> 0.6.0) eventmachine (1.2.7) - faraday (1.0.1) + faraday (1.6.0) + faraday-em_http (~> 1.0) + faraday-em_synchrony (~> 1.0) + faraday-excon (~> 1.1) + faraday-httpclient (~> 1.0.1) + faraday-net_http (~> 1.0) + faraday-net_http_persistent (~> 1.1) + faraday-patron (~> 1.0) + faraday-rack (~> 1.0) multipart-post (>= 1.2, < 3) - ffi (1.13.1) + ruby2_keywords (>= 0.0.4) + faraday-em_http (1.0.0) + faraday-em_synchrony (1.0.0) + faraday-excon (1.1.0) + faraday-httpclient (1.0.1) + faraday-net_http (1.0.1) + faraday-net_http_persistent (1.2.0) + faraday-patron (1.0.0) + faraday-rack (1.0.0) + ffi (1.15.3) forwardable-extended (2.6.0) gemoji (3.0.1) html-pipeline (2.14.0) activesupport (>= 2) nokogiri (>= 1.4) http_parser.rb (0.6.0) - i18n (1.8.5) + i18n (1.8.10) concurrent-ruby (~> 1.0) jekyll (4.0.1) addressable (~> 2.4) @@ -43,7 +60,7 @@ GEM terminal-table (~> 1.8) jekyll-avatar (0.7.0) jekyll (>= 3.0, < 5.0) - jekyll-feed (0.15.0) + jekyll-feed (0.15.1) jekyll (>= 3.7, < 5.0) jekyll-github-metadata (2.13.0) jekyll (>= 3.4, < 5.0) @@ -55,39 +72,40 @@ GEM jekyll (>= 3.3, < 5.0) jekyll-sass-converter (2.1.0) sassc (> 2.0.1, < 3.0) - jekyll-seo-tag (2.6.1) - jekyll (>= 3.3, < 5.0) + jekyll-seo-tag (2.7.1) + jekyll (>= 3.8, < 5.0) jekyll-watch (2.2.1) listen (~> 3.0) jemoji (0.12.0) gemoji (~> 3.0) html-pipeline (~> 2.2) jekyll (>= 3.0, < 5.0) - kramdown (2.3.0) + kramdown (2.3.1) rexml kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) liquid (4.0.3) - listen (3.2.1) + listen (3.6.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.3.6) - mini_portile2 (2.4.0) - minitest (5.14.2) + minitest (5.14.4) multipart-post (2.1.1) - nokogiri (1.10.10) - mini_portile2 (~> 2.4.0) - octokit (4.18.0) + nokogiri (1.11.7-x86_64-linux) + racc (~> 1.4) + octokit (4.21.0) faraday (>= 0.9) sawyer (~> 0.8.0, >= 0.5.3) pathutil (0.16.2) forwardable-extended (~> 2.6) public_suffix (4.0.6) - rb-fsevent (0.10.4) + racc (1.5.2) + rb-fsevent (0.11.0) rb-inotify (0.10.1) ffi (~> 1.0) - rexml (3.2.4) - rouge (3.23.0) + rexml (3.2.5) + rouge (3.26.0) + ruby2_keywords (0.0.5) safe_yaml (1.0.5) sassc (2.4.0) ffi (~> 1.9) @@ -97,16 +115,17 @@ GEM terminal-table (1.8.0) unicode-display_width (~> 1.1, >= 1.1.1) thread_safe (0.3.6) - tzinfo (1.2.7) + tzinfo (1.2.9) thread_safe (~> 0.1) - tzinfo-data (1.2020.1) + tzinfo-data (1.2021.1) tzinfo (>= 1.0.0) unicode-display_width (1.7.0) wdm (0.1.1) - zeitwerk (2.4.0) + webrick (1.7.0) + zeitwerk (2.4.2) PLATFORMS - ruby + x86_64-linux DEPENDENCIES html-pipeline @@ -121,6 +140,7 @@ DEPENDENCIES tzinfo (~> 1.2) tzinfo-data wdm (~> 0.1.1) + webrick (~> 1.7) BUNDLED WITH - 2.1.4 + 2.2.21 diff --git a/_drafts/2021-07-06-Windows-SSH.md b/_drafts/2021-07-06-Windows-SSH.md new file mode 100644 index 0000000..8f23ca5 --- /dev/null +++ b/_drafts/2021-07-06-Windows-SSH.md @@ -0,0 +1,81 @@ +--- +layout: page +title: "Configuring a native SSH server on Windows 10" +description: "A tutorial for future me" +date: 2021-07-07 +written: 2021-07-07 +tags: reference +excerpt: >- + I commonly need to configure SSH servers on remote Windows 10 boxes. This post covers the whole process. +--- + +Between work, school, and just helping various people out with things, I end up needing to quickly spin up SSH servers on windows machines *a lot*. Despite what you might think, this functionality is actually built right in to Windows 10, and fairly easy to enable. + +## Enabling the OpenSSH service + +Just like many Linux machines, Windows uses the [OpenSSH](https://www.openssh.com/) server internally. This used to be controlled by a feature flag in the *"Turn Windows features on or off"* dialog, but this can now be done through [PowerShell](https://en.wikipedia.org/wiki/PowerShell) (as a local administrator). + +First, we need to add the OpenSSH capability to Windows, and enable the service: + +```powershell +# Add the capability +Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 +Start-Service sshd + +# Start on boot +Set-Service -Name sshd -StartupType 'Automatic' +``` + +This should also automatically configure the firewall, but you can manually verify this and enable the rules yourself if needed: + +```powershell +# Check firewall +Get-NetFirewallRule -Name *ssh* + +# If needed, add a firewall rule +New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22 +``` + +## Setting up key-based authentication + +While we are on the Windows side, it is a good idea to install Git and Git Bash from [here](https://git-scm.com/downloads). Then, inside Git Bash, run the following to generate SSH keys on the Windows server: + +```sh +# Generate +ssh-keygen.exe + +# View the public key +cat ~/.ssh/id_rsa.pub +``` + +On your client (for me, a Linux laptop), you must generate SSH keys, and copy the public key over to the Windows server. + +The path for the file in Windows depends on your user type. Regular users append their keys to `C:\Users\\.ssh\authorized_keys` (remembering to change the ``), whereas local admins must append their keys to `C:\ProgramData\ssh\administrators_authorized_keys`, then update the permissions on that file with: + +```powershell +icacls.exe "C:\ProgramData\ssh\administrators_authorized_keys" /inheritance:r /grant "Administrators:F" /grant "SYSTEM:F" +``` + +## Configuring SSH clients to automatically launch bash + +By default, incoming SSH connections spawn a `cmd.exe` shell. I much prefer being dropped straight into [Bash](https://en.wikipedia.org/wiki/Bash_(Unix_shell)). + +To do this, you must modify your client's `~/.ssh/config` file to add a `RemoteCommand`. An example for one of my machines looks similar to: + +``` +Host hostname + HostName hostname.example.com + RequestTTY force + User ewpratten + RemoteCommand powershell "& 'C:\Program Files\Git\bin\sh.exe' --login" +``` + +The last line is the actual command to launch Bash (through PowerShell). + +## Uninstalling and disabling OpenSSH + +This is a simple one-liner: + +```powershell +Remove-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 +``` diff --git a/index.html b/index.html index bc51efa..c8231dd 100644 --- a/index.html +++ b/index.html @@ -62,12 +62,10 @@ uses:

Who I am

-

I am a senior-year Highschool student who studies computer science, a Canadian amateur radio - operator (callsign va3zza), and am one of the - primary - software - developers - writing the code that powers competition-ready robots at I am a first-year college student, studying Information Security at Sheridan College, + starting this fall. I develop software both as a hobby, and professionally, and have been + programming since I was in the 5th grade. I am also a Canadian amateur radio operator + (callsign VA3ZZA), and the former Lead Software Developer at Raider Robotics.

@@ -177,6 +175,11 @@ uses:
+
+ +