You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Alternate forms of authentication, such as key base authentication, will not be supported as it requires safely generating and distributing private/public keys.
Are y'all referring to:
actually generating ssh keys (ssh on server creates a set of keys for host authentication using ssh-keygen) because key generation might be vulnerable to someone monitoring memory/cache?
or
generating a user key (via ssh-keygen) and distributing it to a potential remote host (which is done with ssh-copy-id on other platforms)?
If the latter, I see that as easily addressable since there are plenty of other examples out there.
Not a fan of 'All', would prefer 'ClientAndServer' as it makes it more clear what will happen.
Regarding public key auth, we have an issue open against our OpenSSH port to create a version of ssh-copy-id for Windows as it's currently implemented as a Bash script. It's probably better to have the user understand public key auth and generate their own keys rather than for this cmdlet to do that. This cmdlet is just targeting the novice user and really making it easy to install OpenSSH and modify sshd_config to enable PSRP.
@PowerShell/powershell-committee today only included myself, @JamesWTruher, @SteveL-MSFT, and @daxian-dbw. Without making a statement on implementation or timing, we agree that the alternate proposal here of only validating the sshd install and adding a line to sshd_config for subsystem should the minimal approach.
Also, we noticed that the WinSSH module already takes care of some of this. We should look at that implementation has a strawman.
Feedback for https://github.com/PowerShell/PowerShell-RFC/blob/master/1-Draft/RFC0012-Enable-SSH-Remoting.md
The text was updated successfully, but these errors were encountered: