====== OpenSSH (Open Secure Shell) ======
[[linux:openssh|OpenSSH - Linux]]\\
===== Installation =====
Installation with [[windows:scoop|Scoop]]\\
Installing git and openssh\\
$ scoop install git openssh
Installing 'git' (2.26.0.windows.1) [64bit]
Loading PortableGit-2.26.0-64-bit.7z.exe from cache
Checking hash of PortableGit-2.26.0-64-bit.7z.exe ... ok.
Extracting dl.7z ... done.
Linking ~\scoop\apps\git\current => ~\scoop\apps\git\2.26.0.windows.1
Creating shim for 'git'.
Creating shim for 'gitk'.
Creating shim for 'git-gui'.
Creating shim for 'tig'.
Creating shim for 'git-bash'.
Creating shortcut for Git Bash (git-bash.exe)
Creating shortcut for Git GUI (git-gui.exe)
Creating shortcut for gitk (gitk.exe)
Running post-install script...
'git' (2.26.0.windows.1) was installed successfully!
Installing 'openssh' (7.6p1) [64bit]
Loading gcc-libs-6.4.0-1-x86_64.pkg.tar.xz from cache
Checking hash of gcc-libs-6.4.0-1-x86_64.pkg.tar.xz ... ok.
Loading heimdal-1.5.3-9-x86_64.pkg.tar.xz from cache
Checking hash of heimdal-1.5.3-9-x86_64.pkg.tar.xz ... ok.
Loading heimdal-libs-1.5.3-9-x86_64.pkg.tar.xz from cache
Checking hash of heimdal-libs-1.5.3-9-x86_64.pkg.tar.xz ... ok.
Loading icu-59.1-1-x86_64.pkg.tar.xz from cache
Checking hash of icu-59.1-1-x86_64.pkg.tar.xz ... ok.
Loading libcrypt-2.1-1-x86_64.pkg.tar.xz from cache
Checking hash of libcrypt-2.1-1-x86_64.pkg.tar.xz ... ok.
Loading libdb-5.3.28-2-x86_64.pkg.tar.xz from cache
Checking hash of libdb-5.3.28-2-x86_64.pkg.tar.xz ... ok.
Loading libedit-3.1-20170329-x86_64.pkg.tar.xz from cache
Checking hash of libedit-3.1-20170329-x86_64.pkg.tar.xz ... ok.
Loading libopenssl-1.0.2.m-1-x86_64.pkg.tar.xz from cache
Checking hash of libopenssl-1.0.2.m-1-x86_64.pkg.tar.xz ... ok.
Loading libreadline-7.0.003-1-x86_64.pkg.tar.xz from cache
Checking hash of libreadline-7.0.003-1-x86_64.pkg.tar.xz ... ok.
Loading libsqlite-3.19.3.0-2-x86_64.pkg.tar.xz from cache
Checking hash of libsqlite-3.19.3.0-2-x86_64.pkg.tar.xz ... ok.
Loading msys2-runtime-2.9.0-2-x86_64.pkg.tar.xz from cache
Checking hash of msys2-runtime-2.9.0-2-x86_64.pkg.tar.xz ... ok.
Loading ncurses-6.0.20170708-2-x86_64.pkg.tar.xz from cache
Checking hash of ncurses-6.0.20170708-2-x86_64.pkg.tar.xz ... ok.
Loading openssh-7.6p1-1-x86_64.pkg.tar.xz from cache
Checking hash of openssh-7.6p1-1-x86_64.pkg.tar.xz ... ok.
Loading zlib-1.2.11-1-x86_64.pkg.tar.xz from cache
Checking hash of zlib-1.2.11-1-x86_64.pkg.tar.xz ... ok.
Loading bash-4.4.012-1-x86_64.pkg.tar.xz from cache
Checking hash of bash-4.4.012-1-x86_64.pkg.tar.xz ... ok.
Extracting gcc-libs-6.4.0-1-x86_64.pkg.tar.xz ... done.
Extracting heimdal-1.5.3-9-x86_64.pkg.tar.xz ... done.
Extracting heimdal-libs-1.5.3-9-x86_64.pkg.tar.xz ... done.
Extracting icu-59.1-1-x86_64.pkg.tar.xz ... done.
Extracting libcrypt-2.1-1-x86_64.pkg.tar.xz ... done.
Extracting libdb-5.3.28-2-x86_64.pkg.tar.xz ... done.
Extracting libedit-3.1-20170329-x86_64.pkg.tar.xz ... done.
Extracting libopenssl-1.0.2.m-1-x86_64.pkg.tar.xz ... done.
Extracting libreadline-7.0.003-1-x86_64.pkg.tar.xz ... done.
Extracting libsqlite-3.19.3.0-2-x86_64.pkg.tar.xz ... done.
Extracting msys2-runtime-2.9.0-2-x86_64.pkg.tar.xz ... done.
Extracting ncurses-6.0.20170708-2-x86_64.pkg.tar.xz ... done.
Extracting openssh-7.6p1-1-x86_64.pkg.tar.xz ... done.
Extracting zlib-1.2.11-1-x86_64.pkg.tar.xz ... done.
Extracting bash-4.4.012-1-x86_64.pkg.tar.xz ... done.
Running pre-install script...
Directory: C:\Users\tomoyan\scoop\apps\openssh\7.6p1
Mode LastWriteTime Length Name
---- ------------- ------ ----
d---- 2020/04/01 6:26 tmp
d---- 2020/04/01 6:26 home
Directory: C:\Users\tomoyan\scoop\apps\openssh\7.6p1\home
Mode LastWriteTime Length Name
---- ------------- ------ ----
d---- 2020/04/01 6:26 tomoyan
Directory: C:\Users\tomoyan
Mode LastWriteTime Length Name
---- ------------- ------ ----
d---- 2019/08/14 16:03 .ssh
C:\Users\tomoyan\scoop\apps\openssh\7.6p1\home\tomoyan\.ssh <<===>> C:\Users\tomoyan\.ssh のジャンクションが作成されました
Linking ~\scoop\apps\openssh\current => ~\scoop\apps\openssh\7.6p1
Creating shim for 'findssl.sh'.
Creating shim for 'scp'.
Creating shim for 'sftp'.
Creating shim for 'ssh'.
Creating shim for 'ssh-add'.
Creating shim for 'ssh-agent'.
Creating shim for 'ssh-copy-id'.
Creating shim for 'ssh-keygen'.
Creating shim for 'ssh-keyscan'.
Creating shim for 'sshd'.
'openssh' (7.6p1) was installed successfully!
Installing pshazz\\
$ scoop install pshazz
Installing 'pshazz' (0.2019.08.07) [64bit]
Downloading https://github.com/lukesampson/pshazz/archive/30609306103dd2988353e44596c6093c688b0ea5.zip (-1 B)...
Checking hash of 30609306103dd2988353e44596c6093c688b0ea5.zip ... ok.
Extracting 30609306103dd2988353e44596c6093c688b0ea5.zip ... done.
Adding pshazz to your powershell profile.
_ _
_ __ ___| |__ __ _ _______| |
| '_ \/ __| '_ \ / _` |_ /_ / |
| |_) \__ \ | | | (_| |/ / / /|_|
| .__/|___/_| |_|\__,_/___/___(_)
|_|
The ssh-agent service is disabled. Please enable the service and try again.
You can enable it by running 'Set-Service ssh-agent -StartupType Manual'
Your PowerShell is now powered by pshazz!
Linking ~\scoop\apps\pshazz\current => ~\scoop\apps\pshazz\0.2019.08.07
Creating shim for 'pshazz'.
'pshazz' (0.2019.08.07) was installed successfully!
===== Generating a public/private key pair =====
==== RSA 4096 bit ====
RSA - Rivest-Shamir-Adleman\\
[[wpjp>RSA暗号|RSA cryptosystem - Wikipedia]]\\
$ cd ~
$ ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa_tomoyan-2020 -C "Monster's Garage Co.,Ltd. TomoYan RSA"
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): ****************
Enter same passphrase again: ****************
Your identification has been saved in .ssh/id_rsa_tomoyan-2020.
Your public key has been saved in .ssh/id_rsa_tomoyan-2020.pub.
The key fingerprint is:
SHA256:H7Uqk4RsQzVbkkcGjg93H9gTFcYkoIKfOWbyeNzM69g Monster's Garage Co.,Ltd. TomoYan RSA
The key's randomart image is:
+---[RSA 4096]----+
| =+=.o+=. |
| . +.B.o +. |
| . = =.o = |
| + O . o + |
| . % S . o |
| O B o o |
| . + B o |
| . o + |
| ..E |
+----[SHA256]-----+
==== ECDSA 521 bit ====
ECDSA - Elliptic Curve Digital Signature Algorithm\\
[[wpjp>楕円曲線DSA|Elliptic Curve DSA - Wikipedia]]\\
$ cd ~
$ ssh-keygen -t ecdsa -b 521 -f ~/.ssh/id_ecdsa_tomoyan-2020 -C "Monster's Garage Co.,Ltd. TomoYan ECDSA"
Generating public/private ecdsa key pair.
Enter passphrase (empty for no passphrase): ****************
Enter same passphrase again: ****************
Your identification has been saved in .ssh/id_ecdsa_tomoyan-2020.
Your public key has been saved in .ssh/id_ecdsa_tomoyan-2020.pub.
The key fingerprint is:
SHA256:UsCHI8qiuNFymE3RSFOC1UyYTwxG+8fyUEtzvgxoIAg Monster's Garage Co.,Ltd. TomoYan ECDSA
The key's randomart image is:
+---[ECDSA 521]---+
|E=O%o... |
|+.=+B +.. |
|o.o= .+oo |
|..+o.= * |
|oB * * S |
|B +. = + . |
| = . o |
|. |
| |
+----[SHA256]-----+
==== Ed25519 ====
Ed25519 - EdDSA - Edwards-curve Digital Signature Algorithm\\
[[wpjp>エドワーズ曲線デジタル署名アルゴリズム|Edwards-curve Digital Signature Algorithm - Wikipedia]]\\
$ cd ~
$ ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_tomoyan-2021 -C "Monster's Garage Co.,Ltd. TomoYan Ed25519"
Generating public/private ed25519 key pair.
Enter passphrase (empty for no passphrase): ****************
Enter same passphrase again: ****************
Your identification has been saved in .ssh/id_ed25519_tomoyan-2021.
Your public key has been saved in .ssh/id_ed25519_tomoyan-2021.pub.
The key fingerprint is:
SHA256:9FaSUchPixc7/46hFPnpjn50bCfAleMrD+AmGukbJAY Monster's Garage Co.,Ltd. TomoYan Ed25519
The key's randomart image is:
+--[ED25519 256]--+
| ..o. . |
| ooo + |
| E . o=.* . |
| . . .ooO.. |
| o ..S.ooo+ o |
| . oo ..o oo=.=|
| ..o o .=+=.|
| o. . +oo.|
| .. .+o+..|
+----[SHA256]-----+
===== Registering the public key =====
$ cat .ssh/id_ed25519_tomoyan-2021.pub
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIQZ2+HYiPH+KFyCtcqSqqe3sCRnPObwv/bITzuifaan Monster's Garage Co.,Ltd. TomoYan Ed25519
$ cat ~/.ssh/id_ed25519_tomoyan-2021.pub >> ~/.ssh/authorized_keys
$ cat ~/.ssh/authorized_keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIQZ2+HYiPH+KFyCtcqSqqe3sCRnPObwv/bITzuifaan Monster's Garage Co.,Ltd. TomoYan Ed25519
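The following added example, which is not part of the original page, decodes an option-less authorized_keys line, checks that the declared key type matches the type embedded in the base64 blob, and derives the same SHA256 fingerprint form that ssh-keygen prints. The function names and the 3072-bit RSA threshold are assumptions of this example; the sample input is the Ed25519 public key shown above.

```python
import base64
import hashlib

MIN_RSA_BITS = 3072  # assumed local policy threshold, not a value from the page

# The Ed25519 public key line printed on this page
PAGE_KEY = ("ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIQZ2+HYiPH+KFyCtcqSqqe3sCRnPObwv/bITzuifaan "
            "Monster's Garage Co.,Ltd. TomoYan Ed25519")


def read_string(blob, offset):
    """Read one SSH wire-format field: uint32 big-endian length, then the data."""
    header = blob[offset:offset + 4]
    end = offset + 4 + int.from_bytes(header, "big")
    if len(header) < 4 or end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end


def inspect_public_key(line):
    """Parse one option-less 'type base64 [comment]' line and fingerprint it."""
    fields = line.strip().split(None, 2)
    if len(fields) < 2:
        raise ValueError("expected 'type base64 [comment]'")
    declared, b64 = fields[0], fields[1]
    blob = base64.b64decode(b64, validate=True)
    inner, pos = read_string(blob, 0)
    if inner != declared.encode():
        raise ValueError("declared key type does not match the key blob")
    if declared == "ssh-ed25519":
        key, _ = read_string(blob, pos)
        bits = len(key) * 8
    elif declared == "ssh-rsa":
        _, pos = read_string(blob, pos)          # public exponent e
        modulus, _ = read_string(blob, pos)      # modulus n (mpint)
        bits = int.from_bytes(modulus, "big").bit_length()
    elif declared.startswith("ecdsa-sha2-nistp"):
        bits = int(declared.rsplit("nistp", 1)[1])  # curve size is in the name
    else:
        raise ValueError("unsupported key type: " + declared)
    # Fingerprint form used by ssh-keygen -l: unpadded base64 of SHA-256 over the blob
    digest = hashlib.sha256(blob).digest()
    return {
        "type": declared,
        "bits": bits,
        "fingerprint": "SHA256:" + base64.b64encode(digest).decode().rstrip("="),
        "comment": fields[2] if len(fields) == 3 else "",
        "weak": declared == "ssh-rsa" and bits < MIN_RSA_BITS,
    }
```

Compare the returned fingerprint with the one ssh-keygen printed at generation time before trusting an entry in authorized_keys.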
===== OpenSSH distributions available through scoop =====
As of 2021/06/15, the upstream [[https://www.openssh.com/|OpenSSH]] project has released [[https://www.openssh.com/txt/release-8.6|OpenSSH 8.6]] (on 2021/04/19).\\
Fedora 34 ships openssh-8.6p1-3.\\
$ dnf info openssh
インストール済みパッケージ
名前 : openssh
バージョン : 8.6p1
リリース : 3.fc34
Arch : x86_64
サイズ : 1.8 M
ソース : openssh-8.6p1-3.fc34.src.rpm
リポジトリー : @System
repo から : updates
概要 : An open source implementation of SSH protocol version 2
URL : http://www.openssh.com/portable.html
ライセンス : BSD
説明 : SSH (Secure SHell) is a program for logging into and executing
: commands on a remote machine. SSH is intended to replace rlogin and
: rsh, and to provide secure encrypted communications between two
: untrusted hosts over an insecure network. X11 connections and
: arbitrary TCP/IP ports can also be forwarded over the secure channel.
:
: OpenSSH is OpenBSD's version of the last free version of SSH, bringing
: it up to date in terms of security and features.
:
: This package includes the core files necessary for both the OpenSSH
: client and server. To make this package useful, you should also
: install openssh-clients, openssh-server, or both.
The scoop main bucket currently offers the following.\\
$ scoop search openssh
'main' bucket:
git-with-openssh (2.30.1.windows.1)
mls-software-openssh (8.4p1-2)
openssh (8.2p1-1)
win32-openssh (8.1.0.0p1-Beta)
[[https://www.openssh.com/|OpenSSH]]\\
$ scoop info openssh
Name: openssh
Description: A suite of secure networking utilities based on the Secure Shell protocol.
Version: 8.2p1-1
Website: https://www.openssh.com/
License: ISC (https://spdx.org/licenses/ISC.html)
Manifest:
C:\Users\tomoyan\scoop\buckets\main\bucket\openssh.json
Installed: No
Binaries:
findssl.sh.exe usr\bin\scp.exe usr\bin\sftp.exe usr\bin\ssh.exe usr\bin\ssh-add.exe usr\bin\ssh-agent.exe ssh-copy-id.exe usr\bin\ssh-keygen.exe usr\bin\ssh-keyscan.exe usr\bin\sshd.exe
[[https://github.com/PowerShell/Win32-OpenSSH|PowerShell/Win32-OpenSSH: Win32 port of OpenSSH]]\\
$ scoop info win32-openssh
Name: win32-openssh
Description: A suite of secure networking utilities based on the Secure Shell protocol. (Microsoft port)
Version: 8.1.0.0p1-Beta
Website: https://github.com/PowerShell/Win32-OpenSSH
License: BSD-3-Clause (https://github.com/PowerShell/openssh-portable/blob/latestw_all/LICENCE)
Manifest:
C:\Users\tomoyan\scoop\buckets\main\bucket\win32-openssh.json
Installed: No
Binaries:
scp.exe sftp.exe sftp-server.exe ssh-add.exe ssh-agent.exe ssh-keygen.exe ssh-keyscan.exe ssh-shellhost.exe ssh.exe sshd.exe
Notes
-----
This is a pre-release (non-production ready)
Run 'sudo C:\Users\tomoyan\scoop\apps\win32-openssh\current\install-sshd.ps1' to install sshd and
ssh-agent as a service.
Run 'sudo C:\Users\tomoyan\scoop\apps\win32-openssh\current\uninstall-sshd.ps1' to uninstall the
services.
[[https://www.mls-software.com/opensshd.html|mls-software.com]]\\
$ scoop info mls-software-openssh
Name: mls-software-openssh
Description: A Windows installer package of Openssh for Windows that is actively maintained and current.
Version: 8.4p1-2
Website: https://www.mls-software.com/opensshd.html
License: ISC (https://spdx.org/licenses/ISC.html)
Manifest:
C:\Users\tomoyan\scoop\buckets\main\bucket\mls-software-openssh.json
Installed: No
Binaries:
bin\scp.exe bin\sftp.exe bin\ssh-add.exe bin\ssh-agent.exe bin\ssh-keygen.exe bin\ssh-keyscan.exe bin\ssh.exe
[[https://gitforwindows.org/|Git for Windows]]\\
$ scoop info git-with-openssh
Name: git-with-openssh
Description: Distributed version control system
Version: 2.30.1.windows.1
Website: https://gitforwindows.org
License: GPL-2.0-only (https://spdx.org/licenses/GPL-2.0-only.html)
Manifest:
C:\Users\tomoyan\scoop\buckets\main\bucket\git-with-openssh.json
Installed: No
Binaries:
cmd\git.exe cmd\gitk.exe cmd\git-gui.exe git-bash.exe usr\bin\ssh.exe usr\bin\sshd.exe usr\bin\scp.exe usr\bin\sftp.exe usr\bin\ssh-add.exe usr\bin\ssh-agent.exe usr\bin\ssh-keygen.exe usr\bin\ssh-keyscan.exe usr\bin\tig.exe
Environment: (simulated)
GIT_INSTALL_ROOT=C:\Users\tomoyan\scoop\apps\git\current
===== References =====
[[qita>wnoguchi/items/a72a042bb8159c35d056|How to create a private key pair for SSH public key authentication, 2017 edition - Qiita]]\\
==== Appendix ====
[[tw>tomoyan596/status/1403806629703741441|RSA encryption is named after its designers, isn't it 🤔 Rivest-Shamir-Adleman is way too long 😅 / Twitter]]\\