pwsh and openssh on windows


to install powershell either download the zip/msi from github page or you can install thru chocolatey. But I preferred going with msi file for now.

The claim is that you can run powershell core side-by-side, which is not a requirement for me- but wanted to move over to it for some time now.

Anyway, I installed this in C:\PowerShell\6.0.1 directory & added it to Path environment variable on the machine- so is accessible to all uesrs.

So far it is all working quite well. One of the things I like is the to bring my bag of scripts. One such is to list all the files in current directory as full path.

gci -r | where {!$_.PSIscontainer} | select-object FullName

But it is much easier to remember if stored as an alias and/or a function. Thus added it to by $profile.

vim C:\Users\<user-name>\Documents\PowerShell\Microsoft.PowerShell_profile.ps1

Here is my $profile:

Import-Module 'C:\GitHub\posh-git\src\posh-git.psd1'
Set-Alias np C:\Windows\notepad.exe
Set-Alias ss c:\inpath\systemstats.exe

function lastcommit {git log --show-signature -1}
function listcommits {git log --pretty="format:%h %G? %ad %aN  %s"}
function listprocs {Get-Process | Sort WS -descending | select -First 20}
function lst {Param($DirName) gci -r $DirName | where {!$_.PSIscontainer} | select-object FullName }
function setTitle {Param($TitleStr) $host.ui.RawUI.WindowTitle = $TitleStr}

I did install posh-git as the only extension.


Now I already had rsa keys generated thru putty, thus using the .ssh directory as it is. Similar to pwsh, downloaded the binaries from Win32-OpenSSH git repository. Installed it in directory C:\Program Files\OpenSSH-Win64 and added it to Path environment variable at machine level.

This wiki page has some good information about installing openssh. For me it was not setting up server, just ensuring that various services are started and setup correctly.

cd 'C:\Program Files\OpenSSH-Win64'
pwsh.exe -ExecutionPolicy Bypass -File install-sshd.ps1

# this will register the ssh-agent service to be started 
# automatically on reboot, and will start it if not already running
Set-Service ssh-agent -StartupType Automatic

Now the most important part is setting up the access permissions on private keys, without it ssh-add will just reject the keys!

Permissions for '~/.ssh/id_rsa' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.

On *nix systems you can setup correct permissions with chmod, but windows is a different ball game. I tried chmod thru pwsh and ubuntu as wsl without success. It was much easier to change change the directory permissions.

The idea is that your files in ~\.ssh should not inherit permissions and MUST be accessible by just you. Plus they MUST not be modifiable- just readable.

Note: this MUST be done for all of the following:

  1. private keys
  2. public keys
  3. config file

Once this was done I was able to get past this error and things worked quite well.

D:\blog\hugo\nullptr\public [master ≡ +1 ~37 -0 ~]> git commit -m "update"
[master 86d414c] update
 38 files changed, 1189 insertions(+), 876 deletions(-)
 create mode 100644 2018/03/09/pwsh-and-openssh-on-windows/index.html
D:\blog\hugo\nullptr\public [master ↑1]> git push origin master
Enter passphrase for key '/c/Users/sarangb/.ssh/id_rsa':
Counting objects: 80, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (46/46), done.
Writing objects: 100% (80/80), 21.37 KiB | 1.78 MiB/s, done.
Total 80 (delta 39), reused 0 (delta 0)
remote: Resolving deltas: 100% (39/39), completed with 38 local objects.
   e55bc02..86d414c  master -> master
D:\blog\hugo\nullptr\public [master ≡]>