Chapter 14. SSH1 Port by Sergey Okhapkin (Windows)
Numerous programmers have attempted to port SSH1 to Windows. Most ports that we've seen are unfinished, no longer in development, or distributed without source code. The best ports we've found are by Sergey Okhapkin, so we cover his work in this chapter. We'll call the software Okhapkin's SSH1 to distinguish it from SSH1. Okhapkin's software works fine, but installation is difficult. For this reason we recommend it for advanced Windows users only. Ideally you should be familiar with MS-DOS environment variables, bzip2 compressed files, tar archives, the Windows NT Resource Kit, and most of all, installing applications manually on your PC. If these are alien concepts, consider a different SSH program for Windows. On the other hand, if you persevere through the installation, you get a powerful, command line-based SSH for free. Okhapkin has done separate ports of SSH1 Versions 1.2.26 and 1.2.27, and SSH2 Version 2.0.13. We cover the 1.2.26 port since we had the least trouble installing it.
Contents:Obtaining and Installing Clients
Obtaining and Installing the Server
14.1. Obtaining and Installing ClientsOkhapkin's SSH1 is found on the author's web site in Russia: , a compression utility popular among Linux users. For example, the "bzipped" tar archive for Okhapkin's Version 1.2.26 port is ssh-1.2.26-cygwinb20.tar.bz2. In this version of Okhapkin's SSH1, the clients (ssh1, scp1) run under 32-bit Windows systems; we installed them under Windows 95. The server (sshd ) runs only on Windows NT. For the conservative installation we describe, you need 40 MB of disk space to hold both SSH and the Cygwin support software and another 20 MB during installation, so make sure to have 60 MB free. SSH itself requires only 1 MB, so if you want to save space after the installation, you can delete most of Cygwin.
14.1.1. Prepare FoldersBefore you start installing software, create the following folders on your C: drive:
To create C:\home\.ssh you must use the DOS mkdir command. Windows doesn't create folders with names beginning with a period.C:\usr C:\usr\local C:\usr\local\bin C:\etc C:\home C:\home\.ssh Note the period! C:\tmp
C:\> mkdir C:\home\.ssh
14.1.2. Prepare autoexec.batYou need to make two changes to your autoexec.bat file. First, add the folder C:\usr\local\bin to your MS-DOS search path. This is done by appending the following line to the file:
Next, set the environment variable CYGWIN to have the value "tty":PATH=%PATH%;C:\usr\local\bin;C:\Cygwin\bin
This is required so the ssh1 client can run interactively. Finally, save autoexec.bat, open an MS-DOS command line, and apply your changes:SET CYGWIN=tty
14.1.3. Create a Password FileOn Unix, the file /etc/passwd contains login names, passwords, and other information about users. You must create a similar file on the PC to satisfy Okhapkin's SSH1 clients, because they need a login name to operate. In the folder C:\etc you created earlier, create a one-line file called passwd. The line has seven fields, separated by colons:
14.1.4. Install CygwinCygwin is a wonderful collection of command-line programs. They are ports of GNU software (http://www.gnu.org) that run on Windows thanks to a library of code, the Cygwin DLL known as cygwin1.dll. Okhapkin's SSH1 requires this DLL, so after you install Cygwin, you may delete most of the other files. However, the whole Cygwin distribution is so useful we hope you'll keep it. The software is available from: and not the many accompanying programs. At press time, it is located on the Cygwin mirror machines (reachable from the URL above) in the /pub/cygwin/latest/cygwin folder. The distribution is in gzipped tar format (.tar.gz filename suffix), which WinZip for Windows can unpack. Copy cygwin1.dll to the folder C:\usr\local\bin you created earlier.
14.1.5. Install bzip2bzip2 is a program for compressing and uncompressing files. A Windows version is available from:
C:\> cd \usr\local\bin C:\usr\local\bin> rename bzip2095d_win32.exe bzip2.exe
14.1.6. Install Okhapkin's SSH1Download Okhapkin's SSH1 Version 1.2.26 from: Uncompress the file with bzip2 to produce a tar file:
Extract the tar file in the root of the C: drive. This unpacks files into C:\usr :C:\temp> bzip2 -d ssh-1_2_26-cygwinb20_tar.bz2
If you skipped installing the full Cygwin package, [Section 14.1.4, "Install Cygwin"] you might not have a tar program. The popular WinZip program for Windows is also capable of unpacking the tar file (after you run bzip2). Be sure to unpack it into the root of the C: drive. The SSH1 client software is now installed.C:\temp> cd \ C:\> tar xvf \temp\ssh-1_2_26-cygwinb20_tar
14.1.7. Create a Key PairBefore running Okhapkin's SSH1 clients, set up your SSH folder and generate a key pair for public-key authentication. This is done by running ssh-keygen1:
In the C:\home\.ssh folder, ssh-keygen1 creates a private key file identity and public key file identity.pub. The output looks something like the following. Ignore the line w: not found caused by a harmless difference between Unix and Windows.C:\> ssh-keygen1
ssh-keygen1 then prompts for a file in which to save the key. Accept the default by pressing the Enter key:Initializing random number generator... w: not found Generating p: ....................++ (distance 352) Generating q: ..........++ (distance 140) Computing the keys... Testing the keys... Key generation complete.
You are then prompted for a passphrase for your private key. Choose a good one and type it twice. It doesn't display onscreen.Enter file in which to save the key (/home/.ssh/identity): [press Enter]
Your key pair is now generated and saved in the folder C:\home\.ssh. Copy your public key (identity.pub) to any SSH server machine where you want to connect, appending it to your remote ~/.ssh/authorized_keys file. [Section 2.4.3, "Installing a Public Key on an SSH ServerMachine"]Enter passphrase: ******** Enter the same passphrase again: ********
14.1.8. Log into a Remote Host with ssh1You are ready to connect! Run the ssh1 client, providing your remote login name. Suppose it is "smith" on the SSH server machine server.example.com :
On your first attempt, ssh1 adds the remote host to its known hosts database. [Section 2.3.1, "Known Hosts"] Answer yes and continue:C:\> ssh1 -l smith server.example.com
Finally, you're prompted for your passphrase:Host key not found from the list of known hosts. Are you sure you want to continue connecting (yes/no)? yes Host 'relativity.cs.umass.edu' added to the list of known hosts.
If all goes well, you are now logged into the remote host via SSH. You can also run individual commands by SSH in the usual way, providing a command at the end of the line:Enter passphrase for RSA key 'You@YourPC': ********
C:\> ssh1 -l smith server.example.com /bin/who
Copyright © 2002 O'Reilly & Associates. All rights reserved.