This guide assumes connecting from a Linux or macOS client OS to Windows 11 using public key authentication.
-
On Windows, run PowerShell as administrator and install OpenSSH
# Install the OpenSSH Server
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

# Install the OpenSSH Client
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
-
On Windows, start the OpenSSH Server
# Start the sshd service
Start-Service sshd

# OPTIONAL but recommended:
Set-Service -Name sshd -StartupType 'Automatic'

# Confirm the Firewall rule is configured. It should be created automatically by setup. Run the following to verify
if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue | Select-Object Name, Enabled)) {
    Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
    New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
} else {
    Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
}
-
On Windows, change the OpenSSH default shell to PowerShell
New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
Restart-Service sshd
-
On the client OS, create a public and private key pair
$ ssh-keygen -t rsa
-
Copy the public key from the client OS to Windows
# Use scp to copy the public key file generated previously on your client to the authorized_keys file on your server
# Note: scp overwrites the destination file, replacing any keys already listed in it
$ scp ~/.ssh/id_rsa.pub username@servername:C:\\ProgramData\\ssh\\administrators_authorized_keys

# Appropriately ACL the authorized_keys file on your server
$ ssh username@servername icacls.exe C:\\ProgramData\\ssh\\administrators_authorized_keys /inheritance:r /grant Administrators:F /grant SYSTEM:F
-
Test the connection from the client OS to Windows using the private key
$ ssh -i ~/.ssh/id_rsa username@servername
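The icacls step is the part of this procedure that decides who can change the list of keys accepted for administrator logins, so it is worth confirming that only Administrators and SYSTEM hold access afterwards. The following check is an added example, not part of the original page; it assumes English-language icacls output, and the function name check_admin_keys_acl and both sample outputs are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original page. Assumes English icacls output;
# check_admin_keys_acl and both sample outputs are constructed for illustration.
#
# Usage against a real host (display-only icacls call):
#   ssh username@servername icacls.exe C:\\ProgramData\\ssh\\administrators_authorized_keys | check_admin_keys_acl

# Reads icacls output on stdin. Prints every ACE other than the two full-control
# grants set by the icacls step, and returns non-zero if one is found or if
# either expected grant is missing.
check_admin_keys_acl() {
    awk '
        {
            sub(/\r$/, "")                 # output relayed by ssh may end in CRLF
            sub(/^[A-Za-z]:\\[^ ]* /, "")  # drop the file path on the first line
            sub(/^[ \t]+/, "")             # drop the alignment padding
        }
        $0 == "" || /^Successfully processed/ { next }
        $0 == "NT AUTHORITY\\SYSTEM:(F)"      { sys = 1; next }
        $0 == "BUILTIN\\Administrators:(F)"   { adm = 1; next }
        { print "unexpected ACE: " $0; bad = 1 }
        END {
            if (!sys) { print "missing: SYSTEM full control"; bad = 1 }
            if (!adm) { print "missing: Administrators full control"; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample: the state the icacls step should leave behind.
GOOD_ACL='C:\ProgramData\ssh\administrators_authorized_keys NT AUTHORITY\SYSTEM:(F)
                                                  BUILTIN\Administrators:(F)

Successfully processed 1 files; Failed processing 0 files'

# Constructed sample: a non-administrator group can still modify the file.
BAD_ACL='C:\ProgramData\ssh\administrators_authorized_keys NT AUTHORITY\SYSTEM:(F)
                                                  BUILTIN\Administrators:(F)
                                                  NT AUTHORITY\Authenticated Users:(M)

Successfully processed 1 files; Failed processing 0 files'

for sample in "$GOOD_ACL" "$BAD_ACL"; do
    if printf '%s\n' "$sample" | check_admin_keys_acl; then
        echo "ACL matches the expected grants"
    else
        echo "ACL differs from the expected grants"
    fi
done
```

If the check reports an unexpected ACE, rerun the icacls command from the copy step and check again.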