1. Joined : Oct 2016
    Posts : 3
    Window 10 Pro
       23 Oct 2016 #1

    Can Windows 10 Generate SSH Key-Pairs for SSH Access to Itself?


    All,

    I'm quite adept at key generation and public/private key authentication on Linux, but am basically a fish out of water on windows. I have Win10 with Ubuntu bash installed and I've had no problem with the ssh-keygen from within bash and setting up outbound passwordless ssh access to all Linux hosts. That is not what this questions asks.

    This is about generating keys natively within Win10 so that I can ssh into Win10 w/o a password. (not the WSL bash instance, Win10 itself) For example, I can sit on my arch host and ssh into Win10 as follows:

    Archlinux Host 'valhalla' to Windows 10 host 'elite' (HP elite workstation):

    Code:
        20:04 valhalla:~> uname -a
        Linux valhalla 4.8.3-1-ARCH #1 SMP PREEMPT Thu Oct 20 19:53:59 CEST 2016 x86_64 GNU/Linux
        20:04 valhalla:~> ssh elite
        david@elite's password:
    
        Microsoft Windows [Version 10.0.14393]
        (c) 2016 Microsoft Corporation. All rights reserved.
        
        C:\Users\david>dir /a
        Volume in drive C is Windows
        Volume Serial Number is EA64-6B82
        
        Directory of C:\Users\david
        
        10/23/2016  03:38 PM    <DIR>          .
        10/23/2016  03:38 PM    <DIR>          ..
        10/22/2016  05:40 AM    <DIR>          AppData
        10/22/2016  05:40 AM    <JUNCTION>     Application Data [C:\Users\david\AppData\Roaming]
        10/22/2016  07:35 AM    <DIR>          Contacts
        10/22/2016  05:40 AM    <JUNCTION>     Cookies [C:\Users\david\AppData\Local\Microsoft\Windows\INetCookies]
        10/22/2016  07:35 AM    <DIR>          Desktop
        10/23/2016  04:17 PM    <DIR>          Documents
        10/23/2016  02:53 AM    <DIR>          Downloads
        10/22/2016  11:40 PM    <DIR>          Favorites
        10/22/2016  07:35 AM    <DIR>          Links
        10/22/2016  05:40 AM    <JUNCTION>     Local Settings [C:\Users\david\AppData\Local]
        10/22/2016  07:35 AM    <DIR>          Music
        10/22/2016  05:40 AM    <JUNCTION>     My Documents [C:\Users\david\Documents]
        10/22/2016  05:40 AM    <JUNCTION>     NetHood [C:\Users\david\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
        10/23/2016  03:37 PM         1,572,864 NTUSER.DAT
        10/22/2016  05:40 AM           163,840 ntuser.dat.LOG1
        10/22/2016  05:40 AM           131,072 ntuser.dat.LOG2
        10/23/2016  03:38 PM         1,048,576 NTUSER.DAT{de890eec-984b-11e6-b234-9452f8984253}.TxR.0.regtrans-ms
        <snip>
        C:\Users\david>exit
        Connection to elite closed.
        20:04 valhalla:~>
    The question is "is there a way to generate ssh keys (ecdsa) on Win10 natively?" (e.g. id_ecdsa and id_ecdsa.pub) and "if so, where do you put them on windows"? (is there a user .ssh directory, where they go? Is there a native authorized_keys files - or equivalent? How do I tell windows to use which key-pair?)

    Worst case, "can I generate a key-pair on Linux and move the pair to Win10 and tell windows to use it?" (if so, same questions "How? ...and, where would they go?")

    (as a side note, it was just impressive as heck to be able to ssh into a windows OS, something I've taken for granted on Linux for 16 years, but was somewhat surprised when it worked into Win10, and good job with the base bash install, e.g. inclusion of vim, ssh-keygen, etc. and the base gcc install.)
      My System SpecsSystem Spec


  2. Joined : May 2015
    Central IL
    Posts : 2,961
    EL Capitan
       23 Oct 2016 #2

    Keys can get out of sync if the Linux system generates a new set with each session. That has to be fixed on the Linux side, has nothing to do with Windows.

    One of the systems has to generate the keys, both cannot do so at the same time.
      My System SpecsSystem Spec


  3. Joined : Oct 2016
    Posts : 3
    Window 10 Pro
       23 Oct 2016 #3

    bro67 said: View Post
    Keys can get out of sync if the Linux system generates a new set with each session. That has to be fixed on the Linux side, has nothing to do with Windows.

    One of the systems has to generate the keys, both cannot do so at the same time.
    I'm a bit confused. I have no problem generating a pair of keys, and Linux will not regenerate anything unless issue the ssk-keygen command again. If I can use any key-pair, where do I put the public key within windows 10 so it will accept my logins without prompting for a password?
      My System SpecsSystem Spec


  4. Joined : May 2015
    Central IL
    Posts : 2,961
    EL Capitan
       24 Oct 2016 #4

    If the Linux machine is running OpenSSH, it will generate the key for you to log into it from Putty or FTP. If you log into the Windows Machine with FTP, you would need a SSH keygen running on the Windows machine. Both machines cannot generate a separate SSH key for the same session. When the keys get out of sync on the remote system, for what is stored on the computer you are logging into it with. You have to physically go in to the remote machine at its actual keyboard and monitor to reset the Key, so that the Keygen can create the same one.

    It works just like when you use a codeword between two people to validate that they are friend or foe. If say the keyword was "Chocolate Ice Cream". But you state "I went to the store to pick up some Vanilla Ice Cream." The reply would be "Not correct". SSH is a way to make sure that the computer trusts those who are logging in via a remote access.
      My System SpecsSystem Spec


  5. Joined : Oct 2016
    Posts : 3
    Window 10 Pro
       24 Oct 2016 #5

    bro67 said: View Post
    If the Linux machine is running OpenSSH, it will generate the key for you to log into it from Putty or FTP. If you log into the Windows Machine with FTP, you would need a SSH keygen running on the Windows machine. Both machines cannot generate a separate SSH key for the same session. When the keys get out of sync on the remote system, for what is stored on the computer you are logging into it with. You have to physically go in to the remote machine at its actual keyboard and monitor to reset the Key, so that the Keygen can create the same one.

    It works just like when you use a codeword between two people to validate that they are friend or foe. If say the keyword was "Chocolate Ice Cream". But you state "I went to the store to pick up some Vanilla Ice Cream." The reply would be "Not correct". SSH is a way to make sure that the computer trusts those who are logging in via a remote access.
    I apologize, I must not be making myself clear. I tried hard not to ask an XY question. All I need to know is "Where do the keys go on the windows machine?" Meaning what folder do they get squirreled away in so I can take a new key-pair and put them in the right place on the windows box. I know the Linux end of the game inside and out, but I'm clueless on the windows end of it.

    All I want to do it take a new key-pair, installed it in whatever folder they are supposed to go in on Windows 10 so that anytime I'm away from my laptop on another machine, I can issue the command `ssh mylaptop` and have it connect without the password prompt. Just like I do on the 20 other Linux boxes I talk to. Also, if in addition to putting the key-pair in whatever the proper place is on windows, there are registry tweaks needed to tell windows "Hey, use this key-pair for david.", I need that information as well. I've searched the Microsoft site to no avail. It is like ssh'ing into your OS is an undocumented concept. All I need is a link to the technical docs, if they exist, and I can take it from there.

    I'm sorry if I was unclear, but it seems like such a simple question. I've answered it 10 times over on stackoverflow and superuser for Linux users, but it seems I'm doomed to failure to find the same information as it applied to windows. I really do appreciate your help, but it just seems like we are not communicating. Is there some other way I can explain what I'm looking for that would help?
      My System SpecsSystem Spec


  6. Joined : May 2015
    Central IL
    Posts : 2,961
    EL Capitan
       24 Oct 2016 #6

    The keys are kept under your user profile on that machine you log in with. They transfer with your profile if it is a Roaming Profile that is either on a Domain or using a Microsoft Live account that is your email and a password to login with.

    The keys have always been kept under the user profile.
      My System SpecsSystem Spec


 


Similar Threads
Thread Forum
System Sleep Diagnostics Report - Generate in Windows 10
How to Generate a System Sleep Diagnostics Report in Windows 10 A System Sleep Diagnostics generates a report of intervals when the user was not present (idle) over the last three or specified days on the system, and if the system went to sleep....
Tutorials
Battery Energy Estimation Report - Generate in Windows 10
How to Generate Battery Energy Estimation Report in Windows 10 You can use the Energy Estimation Engine (E3) in Windows to get detailed information about battery usage. The "powercfg /srumutil" command enumerates the entire Energy Estimation...
Tutorials
Sleep Study Report - Generate in Windows 10
How to Generate a Sleep Study Report in Windows 10 A Sleep Study report is tool available on Windows 10 PCs that support the Modern Standby (S0 low power idle) sleep state. A Sleep Study generates a report of connected standby (aka:...
Tutorials
Does Anyone Know A Video Converter That Will Generate A Thumbnail?
I need a video converter that will convert the video and keep the same codecs, bit rates, etc. and will set a thumbnail for the video.
Software and Apps
Battery Usage Report - Generate in Windows 10
How to Generate Report of Battery Usage in Windows 10 A battery usage report will help you know more about the usage, health, and life estimates characteristics of your PC's battery over the lifetime of the system. This tutorial will show...
Tutorials
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 01:06.
Find Us
Twitter Facebook Google+



Windows 10 Forums