- 
                Notifications
    You must be signed in to change notification settings 
- Fork 802
OpenSSH utility scripts to fix file permissions
        Manoj Ampalam edited this page Jan 8, 2019 
        ·
        20 revisions
      
    Powershell utility scripts included in v0.0.15.0 onwards, aid in fixing permissions on various OpenSSH key and configuration files.
Improper file permissions will likely result in a broken configuration (OpenSSH fails to work). You may use the following scripts (provided in release payload) to help evaluate and fix any permission related issues.
Use it to fix file permissions on host side. Checks and fixes file permissions on:
- sshd_config
- host keys generated by ssh-keygen.exe -A
- any authorized_keys located in user profiles (%userprofile%\user.ssh\authorized_keys)
# Usage
#   Evaluate each file and prompt before making changes
.\FixHostFilePermissions.ps1
#   Evaluate and make changes without prompting
.\FixHostFilePermissions.ps1 -Confirm:$false
#   Evaluate and tell what changes this script will make
.\FixHostFilePermissions.ps1 -WhatIfUse it to fix permissions of client side files - keys and config files of current user. Checks and fixes permissions on:
- ~\.ssh\config
- 
~\.ssh\id_rsa,~\.ssh\id_rsa.pub
- 
~\.ssh\id_dsa,~\.ssh\id_dsa.pub
# Usage
#   Evaluate each file and prompt before making changes
.\FixUserFilePermissions.ps1
#   Evaluate and make changes without prompting
.\FixUserFilePermissions.ps1 -Confirm:$false
#   Evaluate and tell what changes this script will make
.\FixUserFilePermissions.ps1 -WhatifAbove 2 scripts use core functionality implemented in this base module. If you are dealing with a custom OpenSSH configurations, you may find the following functions useful.
Import-Module .\OpenSSHUtils.psd1 -Force
# All routines following -Confirm and -Whatif semantics
# fix permissions on a specified sshd_config
Repair-SshdConfigPermission -FilePath c:\test\sshd_config
# fix permissions on a specified host key
Repair-SshdHostKeyPermission -FilePath c:\test\sshtest_hostkey_ecdsa
# fix permissions on a specified authorized_key
Repair-AuthorizedKeyPermission -FilePath C:\Users\sshtest_ssouser\.ssh\authorized_keys
# fix permissions a specific ssh_config
Repair-UserSshConfigPermission  -FilePath '~\.ssh\config'
# fix permissions on an user key
Repair-UserKeyPermission -FilePath c:\test\sshtest_userssokey_ed25519- MSI Install Instructions
- Script Install Instructions
- Alternative installation using the universal installer
- Retrieving download links for the latest packages