OpenSSH On Windows – It’s Happening!

Use Netsparker


So it seems like getting rid of Ballmer was the best thing Microsoft has done in years, Satya is definitely pushing them in a much more positive direction with a focus on Azure and open sourcing technology and moves like this OpenSSH on Windows!

A real show of support for open source technology and a commitment to making Windows servers more technologically relevant.

OpenSSH On Windows - It's Happening!

There have long been 3rd integrations with Windows to provide SSH support, but it’s good to finally a see real commitment by Microsoft themselves to do encrypted remote access the right way.

Microsoft has finally decided to add support for SSH to PowerShell, allowing people to log into Windows systems and use software remotely over an encrypted connection.

Users of Linux, the BSDs, and other operating systems, will know all about OpenSSH and its usefulness in connecting machines in a secure way to execute commands and transfer data. And soon Windows PowerShell – the command-line shell and scripting language – can be used over SSH, we’re told.

“The PowerShell team [will] adopt an industry-proven solution while providing tight integration with Windows; a solution that Microsoft will deliver in Windows while working closely with experts across the planet to build it,” wrote Microsoft group software engineering manager Angel Calvo.

“I’m pleased to announce that the PowerShell team will support and contribute to the OpenSSH community.”

PowerShell’s SSH support will allow users to “interoperate between Windows and Linux – both Linux connecting to and managing Windows via SSH and, vice versa, Windows connecting to and managing Linux via SSH.”


This brings in a whole new era of monitoring and automation for Windows DevOps guys, more integration with Linux tools and easier deployment etc as pretty much everything already supports SSH.

In many environments the use of a 3rd party SSH server would be prohibited (against service contracts etc) so the fact it’s going to be ‘officially’ part of Windows going forwards is great.

This isn’t the first time Microsofties have tried to adopt SSH for Windows. Engineers at Redmond giant say they had tried on two separate occasions to allow the secure protocol to be used within Windows, attempts that were struck down by leadership.

Third-party SSH tools have been available on Windows for years, but this announcement is effectively Microsoft’s official endorsement of the open-source technology.

The change in policy has been linked directly to changes at the top of Microsoft – the departure of Steve Ballmer as CEO and the rise of Satya Nadella, a move that MS employees say brought a change in culture and perspective in Redmond.

“Given our changes in leadership and culture, we decided to give it another try and this time, because we are able to show the clear and compelling customer value, the company is very supportive,” Calvo wrote.

“So I want to take a minute and thank all of you in the community who have been clearly and articulately making the case for why and how we should support SSH! Your voices matter and we do listen.”

Well, they listen now that Ballmer is out of the picture.

There’s no time-line for release of this right now, I wonder if it’s something that will come out with Windows 10? Or something they are only just starting to work on now?

Either way it’s definitely a positive move and I hope to see more industry standards infiltrate the Microsoft ecosystem and the era of proprietary technologies for remote control, network stacks and so on die off.

Source: The Register

Posted in: Countermeasures, Windows Hacking

, ,


Latest Posts:


Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.


Comments are closed.