ssh-to-win.jpeg
ssh-to-win.jpeg

To make Git Bash the default shell for SSH connections on a Windows 10 machine, follow these steps:

Step 1: Enable SSH Server on Windows 10

Open PowerShell as an Administrator.

Install OpenSSH Server:

Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

Enable and Start the SSH Server:

Set-Service -Name sshd -StartupType 'Automatic'
Start-Service -Name sshd

Step 2: Install Git via Chocolatey

Install Chocolatey:

Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))

Install Git:

choco install git -y

Step 3: Set Git Bash as the Default Shell for SSH

Run the following command to set Git Bash as the default shell for the SSH service:

This command updates the registry to make Git Bash the default shell for SSH connections.

New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name "DefaultShell" -Value "C:\Program Files\Git\bin\bash.exe" -PropertyType String -Force

Step 4: Test SSH Login

On another machine, open a terminal and try logging in via SSH:

Upon successful login, you should be automatically switched to Git Bash.

ssh <username>@<your-windows-machine>

e.g. ssh [email protected]


Key-based authentication in OpenSSH for Windows

  1. Move to the .ssh Directory(Client):

    cd .ssh

    Changes the current directory to .ssh, which typically stores SSH keys.

  2. Generate a New SSH Key Pair:

    ssh-keygen
    |-- id_rsa
    |-- id_rsa.pub
  3. Copy the Public Key to the Remote Server:

    as name: administrators_authorized_keys

2025-02-15_102155.png
2025-02-15_102155.png

scp id_rsa.pub [email protected]:administrators_authorized_keys

Uses scp (secure copy) to transfer the public key file id_rsa.pub to the remote server at IP 10.2.2.80. The file will be saved as administrators_authorized_keys on the remote server under the admin user's home directory.

  1. SSH into the Remote Server(Server):

    ssh USER@RemoteIP

    SSH connection to the remote server specified by RemoteIP using the USER account.

    ssh [email protected]

    admin as username and 10.2.2.80 with the IP address of the remote server.

  2. Move the Key File to the SSH Configuration Directory:

    move administrators_authorized_keys %ProgramData%\ssh

    Moves the administrators_authorized_keys file to the %ProgramData%\ssh directory, which is where Windows stores SSH configuration files.

  3. Move to the SSH Directory:

    cd %ProgramData%\ssh

    Changes the current directory to %ProgramData%\ssh.

  4. Set Permissions on the Authorized Keys File:

    bash

    icacls administrators_authorized_keys /inheritance:r /grant "Administrators:F" /grant "SYSTEM:F"

    Modifies the permissions of the administrators_authorized_keys file. It removes inherited

    permissions and grants full control to the Administrators group and the SYSTEM account.

  5. Use the SSH keys to connect to a remote system without using passwords(Test).
ssh -tq [email protected] "shutdown -s -f -t 0

Connects to a remote server without a password, immediately shuts down the remote server, force-closing all applications.

Related