This project is _not_ about bringing UNIX to Windows. It is about bringing the open ssh protocol to Windows. As a daily UNIX and Windows user in an enterprise environment, I can say that a fully integrated sshd is a welcomed addition. I have written and maintained many WinRM interop ruby gems and cannot wait until we can deprecate them in favor of a better and sane remote she'll implementation. This is a real milestone, keep up the great work.
As for Cygwin sshd, it does work if posix is the order of the day but if you need a reliable terminal (for things like powershell) that scales to hundreds of servers and many admins Cygwin simply fails the test. Clunky domain authentication, private key auth is a joke, powershell only works sometimes (thanks PTY), network tokens are non-existent, etc. the list goes on and on.
$ ssh [email protected][email protected]'s password:
Microsoft Windows [Version 10.0.10586]
(c) 2015 Microsoft Corporation. All rights reserved.
C:\Users\Mike>powershell -File -
PS C:\Users\Mike>
Interesting that the build instructions refer to Cygwin. It's a bit surprising, I'd have expected something more native. What does this bring to the table that regular Cygwin OpenSSHd couldn't do 10 years ago?
Powershell integration. Cygwin SSH drops you into a bash prompt running on the Windows box. Powershell is much more deeply integrated with Windows, and is more useful for actual system administration (e.g. configuring IIS, SQL Server, etc) than Cygwin's bash.
Feature request: Domain group policy setting for authorized keys. Make some ssh key(s) authorized to logon as some domain user(s) for every machine in the domain.
We're going to be porting our Linux/UNIX (python) shim [1] to PowerShell asap so that you can provide your users an actual UX for key management... integrating it with group policies would be really cool too. (However, it might be orthogonal to our goal of local admin accounts to eliminate dependence on centralized auth.)
You could do this right now w/ w/ a "Startup Script" or using Group Policy Preferences. The authorization to logon is, presumably, tied to the "User Right" to logon interactively and shouldn't have anything to do w/ the SSH server (since it's just userland).
A half-bad Unix on top of Windows, with its own duplicate way of handling services, storage, users, permissions and everything else, is a pretty poor setup. Powershell (particularly the way it separates data from presentation) is one of the best shells on any OS. Being able to access it from Linux is a good thing.
They purchased a reasonably nice POSIX environment when they bought Interix in 1999 (https://en.wikipedia.org/wiki/Interix). Interix was a lot of fun to use, and I really wish it still existed as a product. I used to have fanciful dreams of a POSIX-based Linux-like "distribution" of Windows that kept a lot of the things I like about the Windows NT environment (NTFS filesystem, kernel object manager, service control manager) but jettisoned those things I don't.
There's a huge difference in functionality and philosophy between powershell and posix. For one, everything in powershell is an object. What this means, is that when you pipe things together, you're not just piping output strings, you have iterators, arrays, closures, typed values, etc at your disposal. Additionally, in powershell, you can use arbitrary CLR libraries as if they were native. Posix shells, in contrast, tend to require you to write and build wrapper libraries to import the functions into your scripting environment.
So in short, using a posix shell would mean getting rid of all of the work MS has put into an insanely flexible command environment over the past several years. Insisting on posix just denies the flexibility to experiment and develop something which serves a different problem set, or approaches a problem from a new angle.
PowerShell is the focal point for Windows on Azure, for Server Core and for Server Nano. So it makes perfect sense from that perspective. As a Windows and Linux user, this is absolutely fantastic.
msys2 still can't overcome some of the limitations of mintty so it kinda makes sense.
Why is having PowerShell be the focal point for this bizarre? PowerShell is Windows' native command line interface.
Most of the scriptable administration tools (which are being heavily promoted as the primary way to administer Windows boxes these days) are PowerShell based, the tools for talking to Azure are PowerShell based, the new package manager in Windows 10 is PowerShell based, etcetera.
OpenSSH isn't being ported to Windows to make Windows overall more POSIXish; it's being ported to make managing Windows boxen from POSIX ones easier, and vice versa.
I don't know why YCOmega is getting downvoted, msys2 is actually an extremely nice environment, now that Interix has been dead for quite some time.
I wish msys2 would figure out how to port Cygwin's sshd, or figure out how to use Microsoft's new one to give me a msys2'ed zsh prompt instead of Powershell.
Managing Windows from the command line these days without PowerShell is severely handicapping yourself. It's not practical to divorce PowerShell from Windows command line administration.
[+] [-] mortonpe|10 years ago|reply
As for Cygwin sshd, it does work if posix is the order of the day but if you need a reliable terminal (for things like powershell) that scales to hundreds of servers and many admins Cygwin simply fails the test. Clunky domain authentication, private key auth is a joke, powershell only works sometimes (thanks PTY), network tokens are non-existent, etc. the list goes on and on.
[+] [-] mikemaccana|10 years ago|reply
It's still way too early to us as a daily driver - lots of small bugs - but nevertheless interesting.
[+] [-] jlgaddis|10 years ago|reply
For example:
Is that right?[+] [-] mikemaccana|10 years ago|reply
[+] [-] voltagex_|10 years ago|reply
[+] [-] mikemaccana|10 years ago|reply
For some reason putty works but iTerm has the backspace issue. Putty user: what's your $TERM?
Ctrl H works as a workaround BTW.
[+] [-] jlgaddis|10 years ago|reply
[+] [-] tthayer|10 years ago|reply
[+] [-] 0x0|10 years ago|reply
[+] [-] quanticle|10 years ago|reply
[+] [-] zrm|10 years ago|reply
[+] [-] jamiesonbecker|10 years ago|reply
1. Userify cloud ssh key mgmt - https://userify.com
[+] [-] EvanAnderson|10 years ago|reply
[+] [-] finid|10 years ago|reply
[+] [-] detaro|10 years ago|reply
Also, you probably want PowerShell if you manage a windows system remotely. (Ok, you specifically maybe not, but many users do)
[+] [-] YCOmega|10 years ago|reply
If all they did was make or back an official POSIX environment, all of this comes for free.
Insisting that PowerShell be the focal point for all these changes is just bizarre.
Just install msys2.
[+] [-] mikemaccana|10 years ago|reply
[+] [-] EvanAnderson|10 years ago|reply
[+] [-] Sanddancer|10 years ago|reply
So in short, using a posix shell would mean getting rid of all of the work MS has put into an insanely flexible command environment over the past several years. Insisting on posix just denies the flexibility to experiment and develop something which serves a different problem set, or approaches a problem from a new angle.
[+] [-] voltagex_|10 years ago|reply
msys2 still can't overcome some of the limitations of mintty so it kinda makes sense.
More choice in this case isn't a bad thing.
[+] [-] sveiss|10 years ago|reply
Most of the scriptable administration tools (which are being heavily promoted as the primary way to administer Windows boxes these days) are PowerShell based, the tools for talking to Azure are PowerShell based, the new package manager in Windows 10 is PowerShell based, etcetera.
OpenSSH isn't being ported to Windows to make Windows overall more POSIXish; it's being ported to make managing Windows boxen from POSIX ones easier, and vice versa.
[+] [-] DiabloD3|10 years ago|reply
I wish msys2 would figure out how to port Cygwin's sshd, or figure out how to use Microsoft's new one to give me a msys2'ed zsh prompt instead of Powershell.
[+] [-] brazzledazzle|10 years ago|reply
[+] [-] jamiesonbecker|10 years ago|reply
1. https://userify.com