How To Configure SSHD In Windows As An Overthere Host For XL Deploy

Some times our customers would prefer to use SSH to connect from the server our XL Deploy is running on and their targets.  By default Windows does not support SSH, but XebiaLabs' tools do support SSH on windows.  The tricky part is that most implementations of SSH for Windows also require you to use BASH as a default shell.  In this blog post I will discuss how you can set up SSH/BASH on Windows to be used with XL Deploy.  While I'm specifically talking about XL Deploy these principals should work the same for the rest of XebiaLabs' XL tools.

Recently, I was with a customer who wanted to use SSH/BASH because it made more sense to the due to the nature of their security profile.  We installed Cygwin64 and with a few configuration changes they were able to use XL Deploy over SSH to their Windows systems. The process starts out by downloading and installing Cygwin64 from cygwin.com.  There are several SSHD services that you can get for Windows, but the problem is that most of the free ones are 32 bit versions.  In Windows a 32 bit process can not start a 64 bit process, so it is better to use a 64 bit SSHD if you have a 64 bit version of Windows. To install Cygwin64 sshd as a Windows Service we will start buy downloading Cygwin64 from the web https://cygwin.com/install.html.  The download will go into your download folder.One the file is downloaded you can double click on the file to start the install process.Click NextSelect your internet connection type and click next.Change the install path if you like.  I prefer to just use the default.Changed the local package directory if you like.  I prefer to just use the default.  Click on next.I have a direct connection.  Click next.My preferred mirror site is osuosl.org.  Select your preferred mirror site an click next.In addition to the base Cygwin64 install we will need to install OpenSSH.  So in the search box type "openssh" and select OpenSSH for installation and click on Next.After the install you will be asked if you want to see the readme file on make a desktop short cut.  I prefer to use the Cygwin bash shell over the Windows CMD window so I usually ask to have the short cut, but not the readme.Start a Cygwin bash session....Verify file/user permissions in the cygwin bash window by executing the commands as follows:

chmod0+r0/etc/passwd chmod0u+w0/etc/passwd chmod0+r0/etc/group chmod0u+w0/etc/group chmod07550/var touch0/var/log/sshd.log chmod06640/var/log/sshd.log editrights0@l0@u0sshd editrights0@a0SeAssignPrimaryTokenPrivilege0@u0sshd editrights0@a0SeCreateTokenPrivilege0@u0sshd editrights0@a0SeTcbPrivilege0@u0sshd editrights0@a0SeServiceLogonRight0@u0sshd editrights0@l0@u0sshd

Navigate to the C:\cygwin64 directory, open the bat file in edit mode using any editor, and add the following line before invoking the bash shellset CYGWIN=binmode ntsecTo verify if Cygwin (cygrunsrv) is installed properly, run C:\cygwin\Cygwin.bat, and execute the following command:If Cygwin is installed properly, then all the Cygwin help options are displayed on the screen. However, if this command returns an error message, then you may have to reinstall Cygwin. To configure the SSHD service, run C:\cygwin\Cygwin.bat, and execute the following command:

ssh-host-config

After running the command, you are prompted the following questions:

*** Info: already exists). This account is then used to run these special *** Info: servers. *** Info: Note that creating a new user requires that the current account *** Info: have Administrator privileges itself. *** Info: No privileged account could be found. *** Info: This script plans to use 'cyg_server'. *** Query: Create new privileged user account 'WIN201201\xldeploy' (Cygwin name: 'xldeploy')? (yes/no) yes *** Info: Please enter a password for new user xldeploy.  Please be sure *** Info: that this password matches the password rules given on your system. *** Info: Entering no password will exit the configuration. *** Query: Please enter the password: *** Query: Reenter: *** Info: User 'xldeploy' has been created with password 'XXXXXX'. *** Info: If you change the password, please remember also to change the *** Info: password for the installed services which use (or will soon use) *** Info: the 'xldeploy' account. *** Info: The sshd service has been installed under the 'xldeploy' *** Info: account.  To start the service now, call `net start sshd' or *** Info: `cygrunsrv -S sshd'.  Otherwise, it will start automatically *** Info: after the next reboot. *** Info: Host configuration finished. Have fun!

You should be able to verify that the SSHD server has been installed as a Windows service by running cygrunsrv -Q sshd as follows:If the service has been installed correctly you can start the SSHD service as follows:When we use SSH/BASH with XL Deploy we will need BAT files to be executable from the BASH command line.  To do this we need to add a line to the .bashrc of the user XL Deploy will log into the Windows box from.  Edit or create a .bashrc in the users home directory and add the line as follows:

find /cygdrive/c/Windows/Temp -name "*.bat" -exec chmod +x {} +

You need to make sure that you .bashrc does not output anything while executing as that will keep it form executing properly.  Now in XL Deploy we can configure the Windows server as an SSH Overthere host as follow:We should be able to test our configuration with the "Connection Test" control task.  The results of that test should look similar to the following:At this point you should be able to use our new WinSshHost in your infrastructure and install applications with SSH from the XL Deploy server.