archive
/
PurpleDome
mirror of https://github.com/avast/PurpleDome
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
develop
polishing2
presentation_gpn_2022
more_unit_tests
extending_page
main
caldera_4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7cd2cba6bf'
${ noResults }
PurpleDome/doc/source/basics/windows_targets.rst

84 lines
2.7 KiB
ReStructuredText
Raw Blame History

===============
Windows targets
===============
Windows Vagrant boxes need a special setup. They have to be created from a running windows machine.
Windows Box
-----------
If you use Vagrant you need a vagrant box first. On this image the vm will be based on.
The base vm must be running in VirtualBox when taking the snapshot. To do so, use::
vagrant package --base 'Windows 10 x64'
In this example the running Virtual Box VM named 'Windows 10 x64'
Adding the box in bash::
vagrant box add --name windows10_64 "file:///home/ts/vagrantboxes/win10_64/package.box"
After that it can be used under this name in a Vagrantfile.
Setting up Windows for Purple Dome
----------------------------------
* Install OpenSSH on the windows target (https://docs.microsoft.com/de-de/windows-server/administration/openssh/openssh_install_firstuse and https://docs.microsoft.com/de-de/windows-server/administration/openssh/openssh_keymanagement)
Some SSH hints (powershell):
Powershell::
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'
Install-Module -Force OpenSSHUtils -Scope AllUsers
To create a user key in a private user folder call (as user) Powershell::
ssh-keygen
This can be used for remote login
To be able to log into the Windows box, *c:\users\PurpleDome\.ssh\authorized_keys* needs to be created. Add the public key there.
For admin users, the file is *C:\ProgramData\ssh\administrators_authorized_keys*
Copy your public key into that (open file in administrator notepad, copy&paste)
The file needs special permissions. Powershell::
$acl = Get-Acl C:\ProgramData\ssh\administrators_authorized_keys
$acl.SetAccessRuleProtection($true, $false)
$administratorsRule = New-Object system.security.accesscontrol.filesystemaccessrule("Administrators","FullControl","Allow")
$systemRule = New-Object system.security.accesscontrol.filesystemaccessrule("SYSTEM","FullControl","Allow")
$acl.SetAccessRule($administratorsRule)
$acl.SetAccessRule($systemRule)
$acl | Set-Acl
See: https://www.concurrency.com/blog/may-2019/key-based-authentication-for-openssh-on-windows
https://github.com/PowerShell/Win32-OpenSSH/wiki/Troubleshooting-Steps
To connect from linux call bash::
ssh -o "IdentitiesOnly=yes" -i ~/.ssh/id_rsa.3 -v PURPLEDOME@192.168.178.189
(Capital letters for user name !)
* The parameters enforce the use of a specific key. You can also drop that into the ssh config
Footnote: WinRM failed.
SCP from and to Windows
-----------------------
Just use the user's home folder as "entry folder" and do::
scp win10:my_logs.zip .
Reduces the hassle with slashes.
Reference in New Issue View Git Blame Copy Permalink