I wasn’t lucky enough this week.

I have OpenSSH installed on my Windows Server 2012 R2 using Desired State Configuration and Chocolatey (more about that) with the following configuration:

Configuration SSHServerFeature
{
    param (
        [String]$NodeName
    )

    Import-DscResource -Module cChoco

    Node $NodeName
    {
        # Install Chocolatey itself into c:\choco
        cChocoInstaller installChoco
        {
            InstallDir = "c:\choco"
        }

        # Install the openssh package once Chocolatey is present
        cChocoPackageInstaller installOpenSSH
        {
            Name        = 'openssh'
            Ensure      = 'Present'
            DependsOn   = "[cChocoInstaller]installChoco"
            AutoUpgrade = $True
        }
    }
}

Pretty simple, isn’t it? Too simple: after I had it installed, the SSH service wasn’t there.

I dug deeper into the DSC resource and added this property to installOpenSSH:

Params = '"/SSHServerFeature /KeyBasedAuthenticationFeature"'

But no luck, so I set the service up with C:\Program Files\OpenSSH-Win64\install-sshd.ps1.

Now the OpenSSH Server service wasn’t starting. Its complaints were so unclear that I had to research how to debug sshd on Windows.

The article that helped me the most was Troubleshooting Steps in the GitHub repo for Win32-OpenSSH. A frustrating surprise, though, was Win32-OpenSSH bug #1304, which made it impossible to simply follow the troubleshooting steps, because sshd -d run under a user account fails to fork an unprivileged child. Oh, gosh…

So, the ultimate way to get OpenSSH Server working after all my manual fiddling was:

  1. Install PsExec by Mark Russinovich.
  2. Delete the keys from C:\ProgramData\ssh to avoid any possible issues with the ACLs I had changed. Of course, if clients already connect to your server, don’t do this; read that article instead.
  3. Run: C:\pstools\PsExec64.exe -s ssh-keygen -A
  4. Run: C:\pstools\PsExec64.exe -s sshd.exe -d

After the client logs off from SSH, sshd started with -d exits and writes something like this to the console:

Received disconnect from 10.20.21.28 port 38572:11: disconnected by user
Disconnected from 10.20.21.28 port 38572
debug1: do_cleanup
debug1: do_cleanup
sshd.exe exited on CRM1 with error code 255.

It’s ok. When it’s started as a service, it works fine.
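
Step 2 above deletes the host keys because their ACLs may have been changed. The following is an added example, not code from the original post or from the Win32-OpenSSH project: it reports any access entry on the host private keys in C:\ProgramData\ssh that belongs to a principal other than SYSTEM or Administrators. The function name Test-HostKeyAcl and the rule that only those two principals should own or access the keys are assumptions of this example.

```powershell
# Added example: audit the ACLs on sshd host private keys.
# Assumptions: keys live in C:\ProgramData\ssh (the path used in this post) and
# only SYSTEM and BUILTIN\Administrators should own or have access to them.
function Test-HostKeyAcl {
    param(
        [string]$KeyDir = 'C:\ProgramData\ssh'
    )

    # Well-known SIDs: S-1-5-18 = LocalSystem, S-1-5-32-544 = BUILTIN\Administrators
    $allowed = 'S-1-5-18', 'S-1-5-32-544'
    $sidType = [System.Security.Principal.SecurityIdentifier]

    # Private host keys only (ssh_host_rsa_key, ssh_host_ed25519_key, ...), not the .pub files
    Get-ChildItem -Path $KeyDir -File |
        Where-Object { $_.Name -like 'ssh_host_*_key' } |
        ForEach-Object {
            $acl = Get-Acl -LiteralPath $_.FullName

            # Resolve the owner to a SID so the check does not depend on localized names
            $ownerSid = try {
                ([System.Security.Principal.NTAccount]$acl.Owner).Translate($sidType).Value
            } catch { $acl.Owner }

            # Collect every Allow entry granted to a principal outside the allowed set
            $extra = foreach ($ace in $acl.Access) {
                if ($ace.AccessControlType -ne 'Allow') { continue }
                $sid = try { $ace.IdentityReference.Translate($sidType).Value }
                       catch { $ace.IdentityReference.Value }
                if ($allowed -notcontains $sid) {
                    "$($ace.IdentityReference) ($($ace.FileSystemRights))"
                }
            }

            [pscustomobject]@{
                Key         = $_.Name
                Owner       = $acl.Owner
                OwnerOk     = $allowed -contains $ownerSid
                ExtraAccess = @($extra)
                Ok          = ($allowed -contains $ownerSid) -and (-not $extra)
            }
        }
}

# Run from an elevated prompt; any row with Ok = False needs its ACL reviewed.
Test-HostKeyAcl | Format-List
```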