Friday, September 7, 2007

Installation and configuration

The OpenSSH installer comes in a zip file. Unzip the file, then run setupssh.exe. Choose to install both the Client and the Server. It will ask you to install into C:\Program Files\OpenSSH. If you choose to install into a different location, that's fine, but be aware that I will use the above path in this document.

Configure
OpenSSH for Windows uses Windows' user database for login authentication. That means you must have a User name and Password set up to log in to your home computer. If you don't, you have 2 choices: 1, set a password on your Windows account, or 2, create a new local account that you will use to log in from SSH. I know a lot of people out there don't use logins or passwords on their home computer, but if you're using NT, 2000, or XP, the functionality is there, even if you don't use it.

There are many different flavors of Windows, with different methods of creating a local user. There's no way I can cover all of them, but here are a few examples:

To create a new account on your home machine (Windows XP):
  • Start Menu, open Control Panel, then User Accounts.
  • Click Advanced tab, then the Advanced button.
  • Highlight Users, then click Actions, then New User.
  • Enter a User name, and a Password twice. I recommend you use a User name and Password that is different than anything you have ever used at work. Obviously, your employer probably knows your password, so there's no security if you use the same password at home.
  • Deselect User must change password at next logon.
  • Check Password never expires.
  • Click Create.
  • Close the windows, close Control Panel.
You should now have a new local Windows user on your home machine. Remember the Login name and password for later.

Configure the SSH Server
We want to configure your SSH server to allow access using User names and Passwords, and to listen on port 443 instead of port 22.

Why port 443 instead of port 22? In most cases your employer will block almost all outgoing network ports except for port 80 and port 443, which are the 2 ports that webservers run on. I used to tell people to run SSH on port 80 because that's the standard webserver port, but now I recommend you run it on 443. Port 443 is used for encrypted websites, which is what your shunnel traffic will look like as it passes through the firewall. If you have trouble on port 443, try it on port 80 instead. If neither works, you're probably out of luck.

Open Windows Explorer, navigate to C:\Program Files\OpenSSH\etc. Open the file sshd_config using Wordpad. (That's sshd_config not ssh_config!)

Change the line

#Port 22

to

Port 443

Save the file.

Now open a command prompt. Change to C:\Program Files\OpenSSH\bin. We are going to create a user and group database from your Windows user database. Type the following:

mkgroup -l > ..\etc\group

Then

mkpasswd -l > ..\etc\passwd

These 2 commands will create group and password files at C:\Program Files\OpenSSH\etc.
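
As an added example (not part of the original post), this Python script checks the result of the two steps above: whether sshd_config has an active Port line rather than the still-commented #Port 22, and which local accounts mkpasswd -l wrote into passwd. The function names and the sample file contents are constructed for illustration, and the passwd file is assumed to use the usual seven-field, colon-separated layout.

```python
import re

# Constructed sample inputs (not taken from a real machine).
CONFIG_BEFORE = "#Port 22\n#Protocol 2,1\n"
CONFIG_AFTER = "Port 443\n#Protocol 2,1\n"
PASSWD_SAMPLE = r"""Administrator:unused_by_nt/2000/xp:500:513:U-HOMEPC\Administrator,S-1-5-21-0-0-0-500:/home/Administrator:/bin/bash
Guest:unused_by_nt/2000/xp:501:513:U-HOMEPC\Guest,S-1-5-21-0-0-0-501:/home/Guest:/bin/bash
sshuser:unused_by_nt/2000/xp:1003:513:U-HOMEPC\sshuser,S-1-5-21-0-0-0-1003:/home/sshuser:/bin/bash
"""


def effective_ports(config_text):
    """Ports set by active Port lines; sshd falls back to 22 if none is set."""
    ports = []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # "#Port 22" is only a comment and changes nothing
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if parts[0].lower() == "port" and len(parts) == 2 and parts[1].isdigit():
            ports.append(int(parts[1]))
    return ports or [22]


def passwd_accounts(passwd_text):
    """Account names (first field) from passwd-format lines."""
    names = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) == 7 and fields[0]:
            names.append(fields[0])
    return names


def audit(config_text, passwd_text, wanted_port=443):
    """Summarise what this section's two edits produced."""
    ports = effective_ports(config_text)
    return {"ports": ports, "port_ok": ports == [wanted_port],
            "accounts": passwd_accounts(passwd_text)}


if __name__ == "__main__":
    print("before:", audit(CONFIG_BEFORE, PASSWD_SAMPLE))
    print("after: ", audit(CONFIG_AFTER, PASSWD_SAMPLE))
```

To check a real installation, pass the contents of sshd_config and passwd from C:\Program Files\OpenSSH\etc to audit() in place of the samples. The account list is worth reading: mkpasswd -l exports every local account, not only the one created for SSH.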
