====== OpenSSH(Open Secure Shell) ====== [[linux:openssh|OpenSSH - Linux]]\\ ===== インストール ===== [[windows:scoop|Scoop]] によるインストール\\ git, openssh のインストール\\ $ scoop install git openssh Installing 'git' (2.26.0.windows.1) [64bit] Loading PortableGit-2.26.0-64-bit.7z.exe from cache Checking hash of PortableGit-2.26.0-64-bit.7z.exe ... ok. Extracting dl.7z ... done. Linking ~\scoop\apps\git\current => ~\scoop\apps\git\2.26.0.windows.1 Creating shim for 'git'. Creating shim for 'gitk'. Creating shim for 'git-gui'. Creating shim for 'tig'. Creating shim for 'git-bash'. Creating shortcut for Git Bash (git-bash.exe) Creating shortcut for Git GUI (git-gui.exe) Creating shortcut for gitk (gitk.exe) Running post-install script... 'git' (2.26.0.windows.1) was installed successfully! Installing 'openssh' (7.6p1) [64bit] Loading gcc-libs-6.4.0-1-x86_64.pkg.tar.xz from cache Checking hash of gcc-libs-6.4.0-1-x86_64.pkg.tar.xz ... ok. Loading heimdal-1.5.3-9-x86_64.pkg.tar.xz from cache Checking hash of heimdal-1.5.3-9-x86_64.pkg.tar.xz ... ok. Loading heimdal-libs-1.5.3-9-x86_64.pkg.tar.xz from cache Checking hash of heimdal-libs-1.5.3-9-x86_64.pkg.tar.xz ... ok. Loading icu-59.1-1-x86_64.pkg.tar.xz from cache Checking hash of icu-59.1-1-x86_64.pkg.tar.xz ... ok. Loading libcrypt-2.1-1-x86_64.pkg.tar.xz from cache Checking hash of libcrypt-2.1-1-x86_64.pkg.tar.xz ... ok. Loading libdb-5.3.28-2-x86_64.pkg.tar.xz from cache Checking hash of libdb-5.3.28-2-x86_64.pkg.tar.xz ... ok. Loading libedit-3.1-20170329-x86_64.pkg.tar.xz from cache Checking hash of libedit-3.1-20170329-x86_64.pkg.tar.xz ... ok. Loading libopenssl-1.0.2.m-1-x86_64.pkg.tar.xz from cache Checking hash of libopenssl-1.0.2.m-1-x86_64.pkg.tar.xz ... ok. Loading libreadline-7.0.003-1-x86_64.pkg.tar.xz from cache Checking hash of libreadline-7.0.003-1-x86_64.pkg.tar.xz ... ok. Loading libsqlite-3.19.3.0-2-x86_64.pkg.tar.xz from cache Checking hash of libsqlite-3.19.3.0-2-x86_64.pkg.tar.xz ... ok. Loading msys2-runtime-2.9.0-2-x86_64.pkg.tar.xz from cache Checking hash of msys2-runtime-2.9.0-2-x86_64.pkg.tar.xz ... ok. Loading ncurses-6.0.20170708-2-x86_64.pkg.tar.xz from cache Checking hash of ncurses-6.0.20170708-2-x86_64.pkg.tar.xz ... ok. Loading openssh-7.6p1-1-x86_64.pkg.tar.xz from cache Checking hash of openssh-7.6p1-1-x86_64.pkg.tar.xz ... ok. Loading zlib-1.2.11-1-x86_64.pkg.tar.xz from cache Checking hash of zlib-1.2.11-1-x86_64.pkg.tar.xz ... ok. Loading bash-4.4.012-1-x86_64.pkg.tar.xz from cache Checking hash of bash-4.4.012-1-x86_64.pkg.tar.xz ... ok. Extracting gcc-libs-6.4.0-1-x86_64.pkg.tar.xz ... done. Extracting heimdal-1.5.3-9-x86_64.pkg.tar.xz ... done. Extracting heimdal-libs-1.5.3-9-x86_64.pkg.tar.xz ... done. Extracting icu-59.1-1-x86_64.pkg.tar.xz ... done. Extracting libcrypt-2.1-1-x86_64.pkg.tar.xz ... done. Extracting libdb-5.3.28-2-x86_64.pkg.tar.xz ... done. Extracting libedit-3.1-20170329-x86_64.pkg.tar.xz ... done. Extracting libopenssl-1.0.2.m-1-x86_64.pkg.tar.xz ... done. Extracting libreadline-7.0.003-1-x86_64.pkg.tar.xz ... done. Extracting libsqlite-3.19.3.0-2-x86_64.pkg.tar.xz ... done. Extracting msys2-runtime-2.9.0-2-x86_64.pkg.tar.xz ... done. Extracting ncurses-6.0.20170708-2-x86_64.pkg.tar.xz ... done. Extracting openssh-7.6p1-1-x86_64.pkg.tar.xz ... done. Extracting zlib-1.2.11-1-x86_64.pkg.tar.xz ... done. Extracting bash-4.4.012-1-x86_64.pkg.tar.xz ... done. Running pre-install script... Directory: C:\Users\tomoyan\scoop\apps\openssh\7.6p1 Mode LastWriteTime Length Name ---- ------------- ------ ---- d---- 2020/04/01 6:26 tmp d---- 2020/04/01 6:26 home Directory: C:\Users\tomoyan\scoop\apps\openssh\7.6p1\home Mode LastWriteTime Length Name ---- ------------- ------ ---- d---- 2020/04/01 6:26 tomoyan Directory: C:\Users\tomoyan Mode LastWriteTime Length Name ---- ------------- ------ ---- d---- 2019/08/14 16:03 .ssh C:\Users\tomoyan\scoop\apps\openssh\7.6p1\home\tomoyan\.ssh <<===>> C:\Users\tomoyan\.ssh のジャンクションが作成されました Linking ~\scoop\apps\openssh\current => ~\scoop\apps\openssh\7.6p1 Creating shim for 'findssl.sh'. Creating shim for 'scp'. Creating shim for 'sftp'. Creating shim for 'ssh'. Creating shim for 'ssh-add'. Creating shim for 'ssh-agent'. Creating shim for 'ssh-copy-id'. Creating shim for 'ssh-keygen'. Creating shim for 'ssh-keyscan'. Creating shim for 'sshd'. 'openssh' (7.6p1) was installed successfully! pshazz のインストール\\ $ scoop install pshazz Installing 'pshazz' (0.2019.08.07) [64bit] Downloading https://github.com/lukesampson/pshazz/archive/30609306103dd2988353e44596c6093c688b0ea5.zip (-1 B)... Checking hash of 30609306103dd2988353e44596c6093c688b0ea5.zip ... ok. Extracting 30609306103dd2988353e44596c6093c688b0ea5.zip ... done. Adding pshazz to your powershell profile. _ _ _ __ ___| |__ __ _ _______| | | '_ \/ __| '_ \ / _` |_ /_ / | | |_) \__ \ | | | (_| |/ / / /|_| | .__/|___/_| |_|\__,_/___/___(_) |_| The ssh-agent service is disabled. Please enable the service and try again. You can enable it by running 'Set-Service ssh-agent -StartupType Manual' Your PowerShell is now powered by pshazz! Linking ~\scoop\apps\pshazz\current => ~\scoop\apps\pshazz\0.2019.08.07 Creating shim for 'pshazz'. 'pshazz' (0.2019.08.07) was installed successfully! ===== 公開/秘密キーのペアの生成 ===== ==== RSA 4096 bit の場合 ==== RSA - Rivest-Shamir-Adleman\\ [[wpjp>RSA暗号|RSA暗号 - Wikipedia]]\\ $ cd ~ $ ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa_tomoyan-2020 -C "Monster's Garage Co.,Ltd. TomoYan RSA" Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): **************** Enter same passphrase again: **************** Your identification has been saved in .ssh/id_rsa_tomoyan-2020. Your public key has been saved in .ssh/id_rsa_tomoyan-2020.pub. The key fingerprint is: SHA256:H7Uqk4RsQzVbkkcGjg93H9gTFcYkoIKfOWbyeNzM69g Monster's Garage Co.,Ltd. TomoYan RSA The key's randomart image is: +---[RSA 4096]----+ | =+=.o+=. | | . +.B.o +. | | . = =.o = | | + O . o + | | . % S . o | | O B o o | | . + B o | | . o + | | ..E | +----[SHA256]-----+ ==== ECDSA 521 bit の場合 ==== ECDSA - Elliptic Curve Digital Signature Algorithm\\ [[wpjp>楕円曲線DSA|楕円曲線DSA - Wikipedia]]\\ $ cd ~ $ ssh-keygen -t ecdsa -b 521 -f ~/.ssh/id_ecdsa_tomoyan-2020 -C "Monster's Garage Co.,Ltd. TomoYan ECDSA" Generating public/private ecdsa key pair. Enter passphrase (empty for no passphrase): **************** Enter same passphrase again: **************** Your identification has been saved in .ssh/id_ecdsa_tomoyan-2020. Your public key has been saved in .ssh/id_ecdsa_tomoyan-2020.pub. The key fingerprint is: SHA256:UsCHI8qiuNFymE3RSFOC1UyYTwxG+8fyUEtzvgxoIAg Monster's Garage Co.,Ltd. TomoYan ECDSA The key's randomart image is: +---[ECDSA 521]---+ |E=O%o... | |+.=+B +.. | |o.o= .+oo | |..+o.= * | |oB * * S | |B +. = + . | | = . o | |. | | | +----[SHA256]-----+ ==== Ed25519 の場合 ==== Ed25519 - EdDSA - Edwards-curve Digital Signature Algorithm\\ [[wpjp>エドワーズ曲線デジタル署名アルゴリズム|エドワーズ曲線デジタル署名アルゴリズム - Wikipedia]]\\ $ cd ~ $ ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_tomoyan-2021 -C "Monster's Garage Co.,Ltd. TomoYan Ed25519" Generating public/private ed25519 key pair. Enter passphrase (empty for no passphrase): **************** Enter same passphrase again: **************** Your identification has been saved in .ssh/id_ed25519_tomoyan-2021. Your public key has been saved in .ssh/id_ed25519_tomoyan-2021.pub. The key fingerprint is: SHA256:9FaSUchPixc7/46hFPnpjn50bCfAleMrD+AmGukbJAY Monster's Garage Co.,Ltd. TomoYan Ed25519 The key's randomart image is: +--[ED25519 256]--+ | ..o. . | | ooo + | | E . o=.* . | | . . .ooO.. | | o ..S.ooo+ o | | . oo ..o oo=.=| | ..o o .=+=.| | o. . +oo.| | .. .+o+..| +----[SHA256]-----+ ===== 公開キーの登録 ===== $ cat .ssh/id_ed25519_tomoyan-2021.pub ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIQZ2+HYiPH+KFyCtcqSqqe3sCRnPObwv/bITzuifaan Monster's Garage Co.,Ltd. TomoYan Ed25519 $ cat ~/.ssh/id_ed25519_tomoyan-2021.pub >> ~/.ssh/authorized_keys $ cat ~/.ssh/authorized_keys ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIQZ2+HYiPH+KFyCtcqSqqe3sCRnPObwv/bITzuifaan Monster's Garage Co.,Ltd. TomoYan Ed25519 ===== scoop で利用可能な OpenSSH の配布形態 ===== 2021/06/15 現在、本家である [[https://www.openssh.com/|OpenSSH]] では 2021/04/19 に [[https://www.openssh.com/txt/release-8.6|OpenSSH 8.6]] がリリースされている状況である。\\ Fedora 34 では openssh-8.6p1-3 がリリースされている。\\ $ dnf info openssh インストール済みパッケージ 名前 : openssh バージョン : 8.6p1 リリース : 3.fc34 Arch : x86_64 サイズ : 1.8 M ソース : openssh-8.6p1-3.fc34.src.rpm リポジトリー : @System repo から : updates 概要 : An open source implementation of SSH protocol version 2 URL : http://www.openssh.com/portable.html ライセンス : BSD 説明 : SSH (Secure SHell) is a program for logging into and executing : commands on a remote machine. SSH is intended to replace rlogin and : rsh, and to provide secure encrypted communications between two : untrusted hosts over an insecure network. X11 connections and : arbitrary TCP/IP ports can also be forwarded over the secure channel. : : OpenSSH is OpenBSD's version of the last free version of SSH, bringing : it up to date in terms of security and features. : : This package includes the core files necessary for both the OpenSSH : client and server. To make this package useful, you should also : install openssh-clients, openssh-server, or both. scoop の main bucket の配布状況は以下のような感じである。\\ $ scoop search openssh 'main' bucket: git-with-openssh (2.30.1.windows.1) mls-software-openssh (8.4p1-2) openssh (8.2p1-1) win32-openssh (8.1.0.0p1-Beta) [[https://www.openssh.com/|OpenSSH]]\\ $ scoop info openssh Name: openssh Description: A suite of secure networking utilities based on the Secure Shell protocol. Version: 8.2p1-1 Website: https://www.openssh.com/ License: ISC (https://spdx.org/licenses/ISC.html) Manifest: C:\Users\tomoyan\scoop\buckets\main\bucket\openssh.json Installed: No Binaries: findssl.sh.exe usr\bin\scp.exe usr\bin\sftp.exe usr\bin\ssh.exe usr\bin\ssh-add.exe usr\bin\ssh-agent.exe ssh-copy-id.exe usr\bin\ssh-keygen.exe usr\bin\ssh-keyscan.exe usr\bin\sshd.exe [[https://github.com/PowerShell/Win32-OpenSSH|PowerShell/Win32-OpenSSH: Win32 port of OpenSSH]]\\ $ scoop info win32-openssh Name: win32-openssh Description: A suite of secure networking utilities based on the Secure Shell protocol. (Microsoft port) Version: 8.1.0.0p1-Beta Website: https://github.com/PowerShell/Win32-OpenSSH License: BSD-3-Clause (https://github.com/PowerShell/openssh-portable/blob/latestw_all/LICENCE) Manifest: C:\Users\tomoyan\scoop\buckets\main\bucket\win32-openssh.json Installed: No Binaries: scp.exe sftp.exe sftp-server.exe ssh-add.exe ssh-agent.exe ssh-keygen.exe ssh-keyscan.exe ssh-shellhost.exe ssh.exe sshd.exe Notes ----- This is a pre-release (non-production ready) Run 'sudo C:\Users\tomoyan\scoop\apps\win32-openssh\current\install-sshd.ps1' to install sshd and ssh-agent as a service. Run 'sudo C:\Users\tomoyan\scoop\apps\win32-openssh\current\uninstall-sshd.ps1' to uninstall the services. [[https://www.mls-software.com/opensshd.html|mls-software.com]]\\ $ scoop info mls-software-openssh Name: mls-software-openssh Description: A Windows installer package of Openssh for Windows that is actively maintained and current. Version: 8.4p1-2 Website: https://www.mls-software.com/opensshd.html License: ISC (https://spdx.org/licenses/ISC.html) Manifest: C:\Users\tomoyan\scoop\buckets\main\bucket\mls-software-openssh.json Installed: No Binaries: bin\scp.exe bin\sftp.exe bin\ssh-add.exe bin\ssh-agent.exe bin\ssh-keygen.exe bin\ssh-keyscan.exe bin\ssh.exe [[https://gitforwindows.org/|Git for Windows]]\\ $ scoop info git-with-openssh Name: git-with-openssh Description: Distributed version control system Version: 2.30.1.windows.1 Website: https://gitforwindows.org License: GPL-2.0-only (https://spdx.org/licenses/GPL-2.0-only.html) Manifest: C:\Users\tomoyan\scoop\buckets\main\bucket\git-with-openssh.json Installed: No Binaries: cmd\git.exe cmd\gitk.exe cmd\git-gui.exe git-bash.exe usr\bin\ssh.exe usr\bin\sshd.exe usr\bin\scp.exe usr\bin\sftp.exe usr\bin\ssh-add.exe usr\bin\ssh-agent.exe usr\bin\ssh-keygen.exe usr\bin\ssh-keyscan.exe usr\bin\tig.exe Environment: (simulated) GIT_INSTALL_ROOT=C:\Users\tomoyan\scoop\apps\git\current ===== 参考文献 ===== [[qita>wnoguchi/items/a72a042bb8159c35d056|2017年版 SSH公開鍵認証で使用する秘密鍵ペアの作り方 - Qiita]]\\ ==== 付録 ==== [[tw>tomoyan596/status/1403806629703741441|RSA暗号は設計者の名前が由来でしたよねぇ🤔 Rivest-Shamir-Adleman 長すぎです😅 / Twitter]]\\