As for those who are claiming this is a harbinger of Microsoft trying to take over SSH... well, get those tinfoil hats ready, kids. Looks like Nadella's Microsoft is willing to play nice in a wide variety of arenas, so you'll have all kinds of things to be foolishly terrified of.
google and see what microsoft did initially, now it's basically doing "if I can not beat it, I'll have to join it". microsoft does what it is doing now not because it favors open source, but it really has _no_ choice, and time is running out fast.
Micrsoft has not really earned my trust, still in IRC I use "M$" for it, but I do welcome their changes, let's wait and see, that what real contribution it will do for the OSS community.
Because MS never tried that? See Kerberos, for example:
https://en.wikipedia.org/wiki/Embrace,_extend_and_extinguish...
You download it from an unencryped, unsigned website, and there are GPG signatures available, but you can download the keys from the same unencryped, unsigned website.
A MitM attacker could easily manipulate the executables, sign them with his own keys, and do a MitM attack on the key page too.
This is not mere paranoia; we know now that the NSA has infrastructure to do such attacks fully automated and at scale.
You can't even use ECDSA, much less Curve25519-based solutions.
But up to this point, they are just trying to 'embrace'.
Lets see if they will 'extinguish'.
Embrace, Extend, Extinguish was the modus operandi of Gates and Ballmer. Satya Nadella is now at the helm and he does not have the same history nor is he moving in the same directions. Satya is a different person and I'm holding judgement till I see the fruits of his labor and how far his leadership trickles down.
Wrong. It's too late to automatically assume they've changed their game. They have been making some impressive moves lately, but that doesn't mean they're suddenly trustworthy.
there's not even an obvious way to get from here to "extend"
just look at all the nonstandard SSH authentication methods that exist across networking devices.
* The Registry. * Drive letters and associated anachronisms. * A sane service manager. * The Windows API in general.
The total count of devices supported by Linux exceeds that of any other OS, based on statements from Greg KH and others.
Windows has an edge in some areas of proprietary desktop hardware (see Linus's infamous but richly appropriate "fuck you, Nvidia" comment). But that's superiority in a narrow (though highly significant) niche.
As desktop falls in significance, that edge and leverage will be less valuable.
In any case, I still think it's a smart move. It doesn't mean IIS or MS SQL Server need to go away or would even lose market share. (But I'm stating that as a "perhaps," not a fact :) )
If not, at least they're pushing many of their core technologies to it (.NET, etc.) so it's still a net positive.
Windows has almost nothing in common with Unix under the hood and this isn't anything that can be changed with some incremental subsystem additions.
Only a complete rewrite from scratch could accomplish that, and even then, it's quite likely they'll base it on the Singularity plans from Microsoft Research rather than on Unix (there already is such a tentative project codenamed Midori).
SSHing into a Windows box with file shares open to other hosts is ... interesting. You're outside the normal user authentication scope, and CIFS/SMB fileshare is (pardon extremely imprecise descriptions) authenticated and contextualized via the desktop login. CALS accounting too, and I've run into exceptionally annoying concurrency limits as a result.
Contrast with, say, NFS or iSCSI where filesystem mounts are managed at the system level, possibly with automounter support for apparently seamless behavior.
My read of this is that this is largely geared at 1) providing additional support for OpenSSH development (a Good Thing), and 2) (finally) delivering an SSH client on the default install.
Really, about fucking time, that.
Though recently some not official versions had malware installed if I'm remembering. I'm wondering if this is a response to that.
Don't worry though, the page has checksums you can validate your download against! Except those are also served over HTTP.
There's also Cygwin, which comes with the OpenSSH server in addition to the client. For a preconfigured Cygwin when I needed it, found Babun to be useful: https://babun.github.io/
The fact is the industry has changed. Trends have shifted. Microsoft, especially now with Nadella running the show realize they can't dictate what developers need. If they want to stay relevant they needs to give the people what they want.
http://blogs.msdn.com/b/looking_forward_microsoft__support_f...
Interesting insight into 'new Microsoft': first two times Powershell team asked to add SSH, they were rejected. Now it's OK: see last paragraph of http://blogs.msdn.com/b/looking_forward_microsoft__support_f...
I am of course referring to the still existent non-startup style companies which might have non-technical users/staff such as Project Managers or Business Analysts etc. In my experience, once a company gets past 50 users or so, Windows is still the way to go.
Sincerely hope they will donate to the OpenSSH project to support its ongoing development going forward and not just mooch off it as many other companies do.
It appears people are building it against MinGW? ( https://www.nomachine.com/AR05H00563 )
If we can already build Windows binaries of OpenSSH, why does it matter if Microsoft begins to offer that also? Is Microsoft going to provide full source for their build process? If they don't, would it be a good idea to even use it?
That described Windows for a long time, but seems like things are changing.
Then Microsoft killed it.
