PowerShell
##########




* 安装适用于 Windows 的 OpenSSH: https://learn.microsoft.com/zh-cn/windows-server/administration/openssh/openssh_install_firstuse?tabs=powershell




安装&启动sshd
=============

* from: https://learn.microsoft.com/zh-cn/windows-server/administration/openssh/openssh_install_firstuse?tabs=powershell

.. note:: 先以管理员身份运行 PowerShell

确保 OpenSSH 可用::

    >> Get-WindowsCapability -Online | Where-Object Name -like 'OpenSSH*'

    # 如果两者均尚未安装，则此命令应返回以下输出：
        Name  : OpenSSH.Client~~~~0.0.1.0
        State : NotPresent

        Name  : OpenSSH.Server~~~~0.0.1.0
        State : NotPresent

根据需要安装服务器或客户端组件::

    # Install the OpenSSH Client
    Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

    # Install the OpenSSH Server
    Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

    # 输出
        Path          :
        Online        : True
        RestartNeeded : False

启动 sshd service::

    # Start the sshd service
    Start-Service sshd

    # OPTIONAL but recommended:
    Set-Service -Name sshd -StartupType 'Automatic'

    # Confirm the Firewall rule is configured. It should be created automatically by setup. Run the following to verify
    if (!(Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue | Select-Object Name, Enabled)) {
        Write-Output "Firewall Rule 'OpenSSH-Server-In-TCP' does not exist, creating it..."
        New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
    } else {
        Write-Output "Firewall rule 'OpenSSH-Server-In-TCP' has been created and exists."
    }


卸载::

    # Uninstall the OpenSSH Client
    Remove-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

    # Uninstall the OpenSSH Server
    Remove-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0


.. figure:: https://img.zhaoweiguo.com/uPic/2023/12/vsV60d.png

    查看服务。注意：有时服务名是openssh




ssh免登录
=========


* 【参考】Windwos 系统的 ssh 免密登陆: https://www.bilibili.com/read/cv26660728/

* powerShell 进入目录 ``C:\ProgramData\ssh\``，打开 sshd_config 文件


确保以下 3 条没有被注释::

    PubkeyAuthentication yes
    AuthorizedKeysFile .ssh/authorized_keys
    PasswordAuthentication no


确保以下 2 条有注释掉::

    #Match Group administrators
    #   AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys



重启服务::

    Restart-Service sshd