TODO Setup Windows

TODO

Prerequisites

Setting Up the PHX Development Environment on Ubuntu 22.04

Setup

vagrant up pxd-win1 pxd-win2

pxd-win1-win2.log

Verify

Domain Membership

Verify that pxd-win1 is part of the by running command below, which should return c2.org:

vagrant winrm pxd-win1 -e -s powershell \
-c 'systeminfo | Select-String "Domain"'

Native Windows commando’s

Gebruik klist om huidige tickets te bekijken:

klist

Om tickets te purgen (verwijderen):

klist purge

Een nieuw ticket wordt automatisch aangevraagd bij authenticatie, bijvoorbeeld door een netwerkbron te benaderen of in te loggen.

Test

Als user tony op pxd-win1

ssh -o GSSAPIAuthentication=yes pxd-win2

Review

OpenSSH Server

Logging is configured with SyslogFacility LOCAL0 en LogLevel Debug3

group_vars/win_ssh_server/main.yml

15    - name: sshd_config
16      module: win_copy
17      dest: '%programdata%\ssh\sshd_config'
18      content: |
19        # Default settings
20        Port 22
21        PubkeyAuthentication yes

vagrant winrm pxd-win1 -e -s powershell -c 'Get-Content -Path "C:\ProgramData\ssh\logs\sshd.log" -Tail 10 -Wait'

Met SyslogFacility LOCAL0 en LogLevel Debug3

    - name: sshd_config
      module: win_copy
      content: |
        Port 22
        GSSAPIAuthentication yes
        SyslogFacility LOCAL0
        LogLevel Debug3

Dat geeft logging in C:\ProgramData\ssh\logs. Dit we dan met GitBash kunnen tailen Daar worden we niet veel wijzer van.

SSH verbose

C:\Users\tony>ssh -K pxd-win1 -v
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
debug1: Connecting to pxd-win1 [10.0.2.15] port 22.
debug1: Connection established.
debug1: identity file C:\\Users\\tony/.ssh/id_rsa type -1
debug1: identity file C:\\Users\\tony/.ssh/id_rsa-cert type -1
debug1: identity file C:\\Users\\tony/.ssh/id_dsa type -1
debug1: identity file C:\\Users\\tony/.ssh/id_dsa-cert type -1
debug1: identity file C:\\Users\\tony/.ssh/id_ecdsa type -1
debug1: identity file C:\\Users\\tony/.ssh/id_ecdsa-cert type -1
debug1: identity file C:\\Users\\tony/.ssh/id_ed25519 type -1
debug1: identity file C:\\Users\\tony/.ssh/id_ed25519-cert type -1
debug1: identity file C:\\Users\\tony/.ssh/id_xmss type -1
debug1: identity file C:\\Users\\tony/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_for_Windows_8.9
debug1: match: OpenSSH_for_Windows_8.9 pat OpenSSH* compat 0x04000000
debug1: Authenticating to pxd-win1:22 as 'c2\\tony'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:gdPy2XSbzInthpMt2zFqs7tPiQt6ONfEjZT2462kl7o
debug1: Host 'pxd-win1' is known and matches the ECDSA host key.
debug1: Found key in C:\\Users\\tony/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: C:\\Users\\tony/.ssh/id_rsa
debug1: Will attempt key: C:\\Users\\tony/.ssh/id_dsa
debug1: Will attempt key: C:\\Users\\tony/.ssh/id_ecdsa
debug1: Will attempt key: C:\\Users\\tony/.ssh/id_ed25519
debug1: Will attempt key: C:\\Users\\tony/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
debug1: kex_input_ext_info: publickey-hostbound@openssh.com (unrecognised)
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-with-mic,password,keyboard-interactive
debug1: Next authentication method: gssapi-with-mic
debug1: Delegating credentials
debug1: sspi delegation was requested but not fulfilled
debug1: Delegating credentials
debug1: sspi delegation was requested but not fulfilled
debug1: Authentications that can continue: publickey,gssapi-with-mic,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: C:\\Users\\tony/.ssh/id_rsa
debug1: Trying private key: C:\\Users\\tony/.ssh/id_dsa
debug1: Trying private key: C:\\Users\\tony/.ssh/id_ecdsa
debug1: Trying private key: C:\\Users\\tony/.ssh/id_ed25519
debug1: Trying private key: C:\\Users\\tony/.ssh/id_xmss
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,gssapi-with-mic,password,keyboard-interactive
debug1: Next authentication method: password
debug1: read_passphrase: can't open /dev/tty: No such file or directory
c2\tony@pxd-win1's password:

Verify compuare systeminfo | Select-String “Domain”

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Last modified February 2, 2026: phx ad draft (6013de8)