Re: Do not, ever, enable WSL
Sigh.
@Jonnyboy1991, do you ever read what I post or did you just post on this topic to rant at someone? The same applies to you, Kyle12. I believe I have stated, several times, that there is no way to secure Microsoft's SSH server, nor was there a way to configure it. If your going to rant, rant somewhere else. WSL, it seems, has nothing to do with this. Stopping the SSH service in WSL will not stop the SSH server Microsoft has created. There is only one way to do that, and that is to disable device discovery, disable developer mode, set windows to only allow windows store apps to run, and then re-enable developer mode. (I am not even sure if doing the procedures in that guide work properly; I can still SSH into my machine and I do not have any SSH servers running but do have developer mode enabled.) This is not the same as opening a Linux SSH server up to the world. At least with Linux there are not only ways to secure an SSH server but there are ways to protect it fro
m malicious hackers who wish to dominate your computer for their own means by using SSH. Windows's SSH implementation has none of that, according to this.
@slender, the services that concerns this, so far that I've found are SSH Server Broker and SSH Server Proxy. Also, checking with netstat -a won't show you it. The only way you'll even notice it's there is by doing a port scan of your computer. Other than that, it's literally unnoticeable. I did netstat -a | grep "22" and found:
TCP 0.0.0.0:22 api:0 LISTENING
But this does not suggest it's SSH. True, that's the most likely candidate -- who would set an app to run on that port? -- but anyone could set an app to run on port 22 if they really wanted to. Discovering this was actuall
y an accident -- I was trying to help a friend install Arch on a VM and he wanted me to SSH in to help him with some things. (And no, that is not permission for you to victimize him either, in case you really wanted to.)
Also, don't try and use local users and groups (if you can even access it) to secure this service; it won't work. This server, for whatever reason, bypasses all security measures you attempt to put in place for it (besides not ever forwarding that port at all).
Also, the /etc/ssh/sshd_config file that WSL provides will not configure the Microsoft SSH server for windows; rather, it will configure the SSH daemon that WSL provides (for whatever reason). Again, I'm still wondering why Microsoft wrote their own SSH server when they could have used OpenSSH to do it for them.
_______________________________________________ Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
