Since Microsoft has been criticized by Linux adepts for its inability to modularize Windows like Linux and Server Core installations are pretty much the first incarnation of Microsofts vision in this territory, let’s go a little further into uncharted territory and start managing Server Core using PuTTY over SSH. SSH is the default management method for Linux boxes.

Tools

I’ll be setting up OpenSSH on a x86 version of a Server Core installation of Windows Server 2008 Standard. To install it I’ll simply use Cygwin package 1.5.25-15, which can be downloaded from the Cygwin Website On the client level I’ll use PuTTY 0.60, which can be downloaded from the PuTTY Download Page for free.

In the table below are the versions of the tools used:

Tool

Version

 

Cygwin installer

2.573.2.2

OpenSSH

5.1p1-3

DiffUtils

2.8.7-1

PuTTY

0.60

Server side configuration

Download Cygwin

To install Cygwin you can use the Installation Wizard (setup.exe) from the website. It weighs 405 KB.

This Installation Wizard was previously available as a FTP download, but recently the Cygwin people decided to stick with website hosting only, allowing the program to retrieve the files and packages it needs using FTP. This step makes installing Cygwin on a Server Core installation slightly more difficult, because you now need a browser to download it.

On the other hand it offers the ability to combine the Installation Wizard and the necessary packages on a different host than your Server Core installation, which might be useful when your Server Core box can’t access the Internet or you want to deploy loads of SSH servers to manage your Server Core boxes and don’t want to strain your Internet connection too much.

Get the Cygwin installer on your Server Core

After you’ve downloaded the Cygwin Installation Wizard you need to transfer the file to your Server Core installation. You can use various methods, including: (but not limited to)

 Copying the file to a USB or other portable rewritable media

 Burn the file onto a CD or DVD media

 Convert the file to a ISO file and mount it on your Server Core box (using DRAC/ILO)

26

 Place the file on a SMB File Share and map a drive to it on your Server Core box

 Place the file on an internally available FTP Server and grab it using ftp.exe.

Run the software installer

To start the installation change your prompt to the directory where setup.exe resides and type setup.exe. The Installation Wizard should appear. Perform the following steps:

 In the Cygwin Net Release Setup Program screen, which serves as a Welcome screen press Next >.

 In the Choose a Download Source select the Install from Internet (downloaded files will be kept for future re-use) option. When you have previously used the Download without Installing option to leech the 16 MB needed for OpenSSH and other utilities and distributed these files with setup.exe you can specify the Install from Local Directory option. Press Next >.

 In the Select Root Install Directory screen type a directory to install Cygwin in, or accept the default location of C:\Cygwin. Under Install For verify All Users is selected. Under Default Text File Type verify Unix / binary is selected.

 Press Next > when done.

 When you’ve selected to Install from Internet (step 2) specify the Local Package Directory on the Select Local Package Directory screen where you want the Cygwin Installation Wizard to store the installation files it downloads. Afterwards press Next >.

 In the Select Your Internet Connection screen choose from Direct Connection and Use HTTP/FTP Proxy to best describe your connection to the Internet and press Next >.

 In the Choose A Download Site screen select a mirror site close to your location to download the remainder of the setup files from. Check the Cygwin Mirror Sites page for more information on the mirrors. Press Next > when done.

 In the Select Packages screen open the Net category and scroll down until you reach the openssh: The OpenSSH Server a… entry. Click on the Skip button thingy in the second column to change it. OpenSSL will be installed automatically as well, which is fine. Also open the Utils category and scroll down until you reach the Diffutils. Install these. Press Next >.

 When you receive a window stating you also need to download a couple of packages your packages depend on (dependencies) choose the recommended setting to install these and press Next >.

 Wait for the Cygwin Installation Wizard to download the necessary packages. Wait a little longer for the Cygwin Installation Wizard to install the programs. In the Create Icons screen deselect the Create icon on Desktop and Add icon to Start Menu options. We won’t be needing them. Press Finish when done.

I noticed my Server Core box downloaded 16,5 MB from the mirror website. 27

Configure OpenSSH

Type the following command in the folder where you installed Cygwin (refer to step 3) and run the following command:

Cygwin.bat

On the first run this will make Cygwin perform a couple of basic steps regarding the skeleton files before it will display its prompt. On the prompt type the following commands:

chmod +r /etc/passwd chmod +r /etc/group chmod 755 /var

ssh-host-config

Question

Answer

Should privilege separation be used?

 

yes

Should this script attempt to create a new local account ‘sshd’?

 

yes

Do you want to install sshd as a service?

 

yes

Enter the value of CYGWIN for the deamon : [ntsec]

 

ntsec

Do you want to use different name?

 

no

Create new privileged user account ‘cyg_server’?

 

yes

Please enter the password:

 

Any Password*

 

Reenter:

 

Any Password*

 

* these two values should meet the password complexity requirements.

You should receive the message when done:

*** Info: Host configuration finished. Have fun!

 

 

Create a Firewall exclusion

The Installation Wizard will not create a firewall exception by default, so you need to make one yourself. Use the following command to do so:

netsh advfirewall firewall add rule name=”OpenSSH Server” protocol=TCP dir=in localport=22 action=allow

 

28

Start the OpenSSH Server

The last step on the server is to start the Open SSH Server, by typing:

net start sshd

Note:

 

The CYGWIN sshd service is set to start automatically every time you reboot. You will only have to type the above command once. Alternatively to typing the command you could restart your Server Core box.

Client side configuration

On the intended client download a SSH client. PuTTY is by far the most popular SSH client. It is a Graphical SSH client for Windows and the best thing it’s free.

Installing PuTTY

After installing and configuring OpenSSH on your Server Core installation you might suspect installing PuTTY on Windows is tricky as well, but it isn’t. Technically you can’t even install PuTTY: you simply download PuTTY and store putty.exe somewhere. (I’ve placed putty.exe on my desktop for easy access.)

Running PuTTY

To run PuTTY simple double-click it.

Note:

 

When you’ve downloaded putty.exe with Internet Explorer and stored it on a NTFS formatted drive you might get a Security Warning. To disable this warning right-click on putty.exe and open its properties. At the bottom of the General tab you’ll find a button labeled Unblock next to the text “This file came from another computer and might be blocked to help protect this computer.” Pressing the Unblock button will remove the text, the button and the Security Warning.

Connecting with PuTTY

To connect to your Server Core installation of Windows Server 2008 type the IP address or DNS name of your Server Core box in the Host Name (or IP address) field of the PuTTY Configuration Screen and press the Open button.

Log in with your credentials and presto!

 

Answer the following questions: