Start a new topic

Native OpenSSH support in WIndows

Hi! Microsoft is currently incorporating OpenSSH into Windows. Link: https://arstechnica.com/gadgets/2017/12/microsoft-quietly-snuck-an-ssh-client-and-server-into-the-latest-windows-10/

Let's start using it.


Thanks


1 person likes this idea

Hi,


I'm not sure what you are asking exactly. OpenSSH for Windows (server and client) are separate components which can be installed and used as application/service. While we do have the possibility to incorporate external applications (for the client) similar to PuTTY, it's not the same as implementing a component with "managed" development APIs, such as Rebex, for example. As far as I know, there are currently no managed API bindings which would make it hard to use in an application such as Royal TS. I'm wondering what you would expect from such an integration or what is missing the current components we're using. Can you elaborate?


Regards,
Stefan

One thing that would be lovely is support/integration with the ssh-agent for private keys

I assume that using the OpenSSH client directly is not as straight-forward as it appears, because Rebex.NET is both an SSH client and a terminal emulator, whereas OpenSSH is just the former?

(The same is true for PuTTY, with the added pain of re-parenting a foreign processes' window thrown in.)


I.e. you'd still need something to actually host the OpenSSH process within RoyalTS?


I'm not sure if the modern, soon-to-be-default Windows Terminal provides any help here. It does have plenty of APIs and (as far as I can say) good documentation.

https://github.com/microsoft/terminal


I'm not sure if it would be worth the effort.

I certainly would like to get rid of the problems the re-parenting of PuTTY brings.

Rebex would do that, but it is far less feature-complete than PuTTY.

Small addendum: the OpenSSH version distributed with Windows 10 is somewhat out of date already and can always be replaced by what is available at https://github.com/PowerShell/Win32-OpenSSH.

We do regularly check the Microsoft Terminal source. Right now, it's not that easy to integrate it in other applications. The integration samples are basically code snippets taken from Visual Studio (WPF) integration which has poor performance and is far from what the Rebex based terminal can do. They do have plans to make an embeddable component at some point but there's no timeline for that. Once they have something which would work, we will try to make a plugin based on that component.

Rebex appears to have support for the OpenSSH protocol.  I have my keys stored in 1Password, which has an SSH agent that listens to the OpenSSH pipe (\\.\pipe\openssh-ssh-agent), and makes the key available after authentication.


https://blog.1password.com/1password-ssh-agent/

https://developer.1password.com/docs/ssh/agent/advanced/


I'd like to be able to have 1Password provide the key to the Rebex terminal.


Hi Thomas,


to my knowledge, the Rebex implementation is not based on OpenSSH implementation. However, since it's abiding the SSH standards and RFC it is (should be) compatible connecting to servers based on OpenSSH. Also note, that the SSH protocol and the SSH Agent protocol are two different things. Rebex does not seem to have support for that (yet). To learn more (and vote), you can check out this post in their forums:

https://forum.rebex.net/21686/ssh-agent-support?show=21686#q21686


Regards,
Stefan

The rebex documentation at https://www.rebex.net/doc/api/Rebex.Net.SshAuthenticationAgent.html suggests that SSH agent authentication is ready to use in Rebex. Does this just need exposing within RoyalTS?

Hi Steven,


V7 has SSH Authentication Agent support (no forwarding yet though). You can find the option here:

Version 7?! Why am I only just hearing about this now.


Shut Up And Take My Money Fry Meme Generator - Imgflip

Hi Steve,


the app should tell you, assuming you haven't disabled the update checks. We haven't published a blog post yet as we are still ironing out some minor issues...


cheers,
Stefan

I've been trying to test out the feature, with no success.  I can run the following command from command prompt: 


ssh -l username www.server.com


I'm not sure if RoyalTS is sending the username prior to attempting to use the key from 1password.  The verbose logs appear to be failing "SSH: Negotiation" prior to prompting for the credential.

Hi Thomas,


I'm not sure what you are trying to do. This thread might be a bit confusing because at the end it was about agent support in Rebex based terminal (note that forwarding is not supported).


Regards,

Stefan

The OpenSSH support in Rebex appears to be having issues when a username is required, but a password isn't required.

Login or Signup to post a comment