Background story
I want to access my laptop remotely through SSH. However, my laptop are firewalled on strict network environment, I can't even access github.com. and to download the MSYS2 installer that are hosted on github, I need to download from different network, upload it to gdrive and finally I can download the installer through gdrive, you can imagine how troublesome it is. Therefore I need tailscale to overcome this situation.
Choose the OpenSSH server
The OpenSSH server I installed are provided by MSYS2, while there's Windows version available out there, I choose this one because I have two reason:
- somehow I can't install the Windows version, it's always failed when I install it
- the MSYS2 version provide unix environment that could be useful for me personally
Setup OpenSSH server
My C:\msys64\etc\ssh\sshd_config
file (I've omitted default config for the sake of brevity):
# Logging
#SyslogFacility AUTH
#LogLevel INFO
LogLevel DEBUG3
SyslogFacility LOCAL0
StrictModes no
PubkeyAuthentication yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
#PermitEmptyPasswords no
Match Group administrators
AuthorizedKeysFile ".ssh/authorized_keys"
Logging is super useful if you encounter any problem while attempting to connect to your machine.
in case you don't know how to generate a pair of key for authentication, visit this post.
- validate the
authorized_keys
by execssh-keygen -l -f <path-to-authorized_keys>
- validate sshd service are running properly by check the log:
/var/log/msys2_sshd.log
and check the status:sc.exe query msys2_sshd
- for debugging purposes:
tail -n 1 /var/log/msys2_sshd.log
- The authentication method I used is public key-based authentication, remember to setup the
authorized_keys
on MSYS2 environment (in my caseC:\msys64\home\ACER
). - You need to run the bash script script as administrator/root, it will setup sshd service and automatically start on boot.
- By default, tailscale will auto start on boot, you can verify this by execute
ipconfig
oncmd
and see whether tailscale interface is exist or not. - See the respective manual page for further explanation.