Microsoft Will Support OpenSSH In Windows PowerShell

Subject: General Tech | June 7, 2015 - 08:35 PM |
Tagged: windows, remote management, powershell, openssh, mac os x, linux

Citing both leadership and corporate cultural changes within Microsoft, the PowerShell team – led by Team Group Software Engineering Manager Angel Calvo – excitedly announced support for OpenSSH earlier this week. Specifically, the team (finally, after the third such attempt) got the go-ahead from Microsoft's leadership and plans are underway to natively support OpenSSH in PowerShell as well as to contribute to the OpenBSD project on behalf of Microsoft.

Details are scarce, but this is great news for system administrators and a nice extra feature for enthusiasts that like to dabble in those "other" operating systems (which is to say, pretty much every OS except Windows) and remotely access them over a secure SSH connection to perform maintenance or transfer files.

PuTTY and PSCP from Windows to Linux Machine.jpg

Currently, Windows users need to use third party tools to support SSH clients and servers such as PuTTY (and PSCP) and Cygwin (not pictured).

Until now, users have had to rely on third party tools such as PuTTY, Filezilla, and Cygwin among others for their SSH, SCP, and SFTP needs. Accessing Linux machines using PuTTY is fairly straightforward, but going the other direction and trying to set it up so that you can access a Windows machine from a Linux machine over SSH could certainly be made easier and more stable. Native support for OpenSSH would mean both client and server support built into Windows and support for SSH, SFTP, and SCP protocols. 

From the MSDN blog and this twitter exchange, OpenSSH in Windows PowerShell is still in its infancy. It will not be launching with the rest of Windows 10 on July 29th, but with the level of customer interest hopefully pushing the refreshed Microsoft to make this a priority we may see it within the next year or two, and certainly before Windows 11!

Are you ready to get your native SSH on using PowerShell, or will you be sticking with your current third party implementations?

Source: Microsoft

A Summary of the Recent Open Source Security News

Subject: General Tech | June 1, 2014 - 04:04 AM |
Tagged: TrueCrypt, security, openssl, openssh, heartbleed

This week has been most notable for security, as previous news suggests. TrueCrypt, the popular file encryption suite, lost its developers when they wanted to call it quits -- right in the middle of its audit. While on that topic, OpenSSL is being given money and full-time developers, in response to the recent Heartbleed fiasco. OpenSSH and Network Time Protocol, and others in the future, are also being given love.

Yes, these are two separate pieces of news that are combined into a single article.

TrueCrypt_Logo.png

Earlier, we reported on TrueCrypt's mysterious implosion. The developers' alleged last advice, use closed source solutions or whatever comes up on a random package manager search, I considered too terrible to have been from them. Seriously, from "Trust No-One" to "Trust Who Knows". Just does not seem right...

Since the article, they have apparently been contacted and confirmed that the project is being shut down. That said, it seems like basically every source cites the third-party auditors and no-one else seemed to have direct contact with them -- so who knows. Regardless, the audit is apparently still going on and might lead to a usable fork maintained by someone else.

As for the second piece of news -- several other libraries are getting serious security audits. Apparently, The Linux Foundation has arranged for a long list of companies to commit $5.4 million, over three years, to audit and maintain these projects. As mentioned, OpenSSL, OpenSSH, and Network Time Protocol are the first three mentioned, but others will be included later. Also, that budget can increase as other companies and donors step up.

Currently, the donors are: Adobe, Amazon, Bloomberg, Cisco, Dell, Facebook, Fujitsu, Google, HP, Huawei, IBM, Intel, Microsoft, NetApp, Qualcomm, Rackspace, Salesforce, and VMware. Eighteen companies, each pledging $100,000 per year for three years.

All in all, it seems like the world is on the path to righting itself, somewhat.

Source: Ars Technica