Press "Enter" to skip to content

Richy's Random Ramblings

Windows 10 OpenSSH – Storing keys using the SSH agent

August 24, 2019
Leave a Comment

This article is the second of a series I’ve written about migrating from using PuTTy on Windows to using the native OpenSSH client now available on Windows 10: you can read the rest of the articles via:

  1. Installation
  2. Storing keys using the SSH Agent < You are here
  3. Importing existing keys
  4. Creating a new public/private key pair
  5. Other useful OpenSSH commands
  6. Configuring Windows Git

To manage the OpenSSH keys, you need to add them to the ssh-agent (think of it as PuTTY’s Paegant). These keys will then be added to the user’s “Windows registry” and encrypted to their user profile (so, even if the key has an individual password on it, if somebody logins into your machine as user and has access to the registry, then they can access your private keys – if they log in as somebody else, your keys should be safe). This sounds like a security weakness, but is how MacOS and Linux handles keys anyway!

  1. Continuing in the Administration Powershell, we’re now going to start the SSH-agent which makes key management much easier:
    Start-Service ssh-agent
    If you get an error such as

    Start-Service : Service 'OpenSSH Authentication Agent (ssh-agent)' cannot be started due to the following error:
Cannot start service ssh-agent on computer '.'.
At line:1 char:1
+ Start-Service ssh-agent
+ ~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : OpenError: (System.ServiceProcess.ServiceController:ServiceController) [Start-Service],
ServiceCommandException
+ FullyQualifiedErrorId : CouldNotStartService,Microsoft.PowerShell.Commands.StartServiceCommand

    Then the service is probably disabled: check with: Get-Service ssh-agent | Select StartType
    If it is disabled, you’ll see:

    StartType
---------
Disabled

    Enable it with
    Get-Service -Name ssh-agent | Set-Service -StartupType Automatic
    (you might need to then start the service again using
    Start-Service ssh-agent
    Setting the service to “Automatic” means next time Windows starts and you login, your keys are automatically available to you!

Security

Once you have added the keys to the ssh-agent, it is then “safe” to delete the local key files. HOWEVER, you are NOT able to export the private keys from the ssh-agent (only show the public keys): so make a backup copy on a removable device (such as a USB key) which you keep in a very safe location in case something happens to your machine!

Windows 10 OpenSSH: Migrating from PuTTy: Installation

August 24, 2019
5 Comments

This article is the first of a series I’ve written about migrating from using PuTTy on Windows to using the native OpenSSH client now available on Windows 10: you can read the rest of the articles via:

  1. Installation < You are here
  2. Storing keys using the SSH Agent
  3. Importing existing keys
  4. Creating a new public/private key pair
  5. Other useful OpenSSH commands
  6. Configuring Windows Git

I’ve been a very very long time use of the excellent PuTTy SSH tools (since at least version 0.52 in 2002: at the time of writing, release 0.72 came out on the 20th of July 2019), but Windows 10 v1809 (also known as the Windows 10 April 2018 update), Microsoft finally added SSH support directly to Windows.

Whilst Microsoft does have a guide on their website about installing OpenSSH on Windows 10, it mixes setting up the OpenSSH client (which most people will want) with the OpenSSH server (which most people do not want) and it doesn’t give a guide on moving/migrating from PuTTy, so here’s the start of my guide!

Installation via PowerShell

  1. Open PowerShell as administrator:
  2. Install openSSH client:
    Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
    You should get output such as:

    Path          :
Online        : True
RestartNeeded : False

You will now have ssh, ssh-keygen, ssh-agent, ssh-add, ssh-keyscan, sftp and scp available!

The next step is setting up the ssh agent to store the keys

Smart Meters (1/2): Why you shouldn’t get one

February 1, 2019
1 Comment

Quite a few electricity and gas companies in the UK are ‘encouraging’ customers to get smart meters installed, but here are a few reasons why perhaps you should turn down these optional meters. I don’t necessarily agree or disagree with any/all of these points (in fact, I’ve also done a list of reasons why you should perhaps get one), but these are just ones I’ve heard/come across:

  1. SMETS1 restrictions. The ‘current/previous’ generation of smart meters, SMETS1, tend to be ‘locked’ to the installing company/supplier and become ‘dumb’ (unable to report readings/in home display inaccurate etc) if you move to another provider. The ‘new-gen’ SMETS2 meters (which will be rolling out this year – 2019) are multi-provider compatible.
  2. Privacy. Some people don’t like the idea of energy companies/Capita (who provide the ‘backend’ – DCC – to SMETS2 meters) knowing practically down to the minute how much power you are consuming (good indication of when you get up, when the house is empty, when you are cooking dinner etc etc)
  3. Security. Smart meters are electronic devices and therefore can be hacked (it’s currently unknown how easily/feasible though: yes, they use encryption but they have been plenty of insecure encryption deployments in smart devices in the past). So ‘third parties’ could not only get your usage information (see ‘Privacy’) but also have control over your meter.
  4. Control. Smart meters have a relay inside of them to enable the power to be turned off remotely. Handy if you’ve got an electrical issue or handy for the electrical company if your bill hasn’t been paid – not say handy if control has been taken by a third party (‘Security’) or if the billing company makes a mistake and marks you accidentally down as ‘not paid’.
  5. Technophobia. Smart meters communicate using radio waves (to the mobile phone networks) and also provide a ‘Zigbee’ network for in home devices and the like (as used by ‘smart bulbs’ and similar). Some people are scared of radio waves.
  6. Cost. Not just the cost of the meters, but the engineers time to replace the meters (and some people that had SMETS1 meters installed last year, may need to have a SMETS2 replacement meter next year). Somebody has got to be paying for all those meters and it’ll be the customers one way or another.
  7. Environmental. We’re going to be throwing away millions of ‘dumb meters’ which are perfectly functional and work. Hopefully, they’ll be recycled but who knows.
  8. Battery replacements. Batteries in smart meters (especially gas ones) are not user-serviceable and to change the battery requires breaking the tamper-resistant safety/security devices (which report back to the supplier/DCC if the meter has been ‘fiddled with’). Therefore when the battery dies (they currently have an estimated lifespan of 10 years: but we’ve all had batteries which are practically ‘dead on arrival’ and others which have lasted a lot longer than expected), the entire meter has to be replaced by an engineer.

On the flip side, have a look at my list of reasons why you perhaps should get a smart meter.

No matter who you get your gas/electricity from, you do want it to be cheap and environmentally friendly – perhaps consider switching to Bulb Energy. I’ve been with them since December 2017 and am more than happy with them (in fact, the majority of this post has been copied from a post I originally wrote on their community forums), and if you switch using my affiliate link here, we’ll both be credited with £50 and you’ll get 100% renewable electricity, 10%+ green gas and lower costs than the ‘big six’ and most of the other suppliers.

Smart Meters (2/2): Why you should get one

February 1, 2019
Leave a Comment

As a counter-argument to my previous post as to why you shouldn’t get a smart meter for your electricity and gas, here’s a list of reasons why you perhaps should.

I would suggest though waiting for your supplier (I use Bulb Energy and do recommend them – plus if you switch with my affiliate link we both get £50 credit and cheap gas and electricity) to roll out ‘SMETS2’ smart meters as these will continue working ‘in a smart manner’ no matter which supplier you are with whereas ‘SMETS1’ (the ‘current/previous’ generation) ones usually stop reporting meter readings when you switch suppliers or their in-home displays become inaccurate/stop working.

  1. Reducing running costs. Suppliers no longer need to send out meter readers to get accurate readings (especially from people who can’t/won’t provide readings themselves). This means they can keep their prices low and give you lower bills
  2. More accurate bills. Provided your meter reading a day or two early or unable to read your meter one month? Then you were probably getting an estimated bill – now with the data flowing to the supplier, you needn’t worry as they supplier can get the meter reading just when it is needed for your bill.
  3. Accessibility. A lot of people have no problems accessing and reading their meter, but others may have mobility problems, dyscalculia (‘dyslexia with numbers’), or the meter could be in a hard to access place (too low/high or in another building entirely under control of a nearly absent landlord). Smart meters means you don’t have to worry about reading it yourself.
  4. Detecting problems. Since the meter reports back to the supplier quite frequently, the supplier could notify you (or the local distribution network) if the usage is out-of-standard: left an electrical heater on in your garage for the last couple of days (whistles innocently) – then they could drop you an email saying ‘Check your appliances’. Likewise, elderly and disabled customers could have their power monitored and if it doesn’t have ‘customary peaks’ (i.e. kettle going on, tv usage) for 2 days, alert ‘next of kin/police/social services’ for a check-up.
  5. Customer education. Smart meters allow customers to easily see what is using their power/gas and adjust their usage in an intelligent manner (instead of just guessing) – we all ‘know’ filling your kettle to just the amount you need saves power, but if you’ve got an in-home display next to the kettle you can test it yourself and reinforce that knowledge.
  6. Flexible tariffs. Instead of having to get a physical meter swap to go between prepay, credit, Economy 7 – this can be remotely set by the supplier. Prefer to use a custom ‘smart meter’ tariff which has multiple rates during the day based on ‘grid demand’, then that can be done – allowing you to have cheaper power at lower demand times.
  7. Grid protection. Usually only applicable for heavy users (factories and the like) – under times of ‘unusually high demand’ (winter peak times for example), the supplier/national grid could then turn off the meters remotely to protect the National Grid from overdemand. This isn’t a new thing (the companies already have ‘shutoff’ agreements with heavy users), but it’s usually a manual process where they company is called and asked to cease operations. With smart meters, they can be provided with an ‘At risk’ notification (as they tend to do in the mornings now I believe) and if it comes to it, NG can shut things down and restart things just for the minimum time necessary.
  8. Environmental. I believe it’s easier to integrate ‘feed in’ items such as home solar panels and the like to smart meters rather than having to have multiple meters for it.
  9. Better home control. With smart meters supporting Zigbee (the same protocol used by ‘smart lights’), it is possible customers can have their in home systems integrate with it automatically – no need to bother manually adjusting storage radiators or timer switches on washing machines – with an integrated smart home, everything can come on at the cheapest time for you.
  10. Better flexibility for generators. At the moment, most Economy 7 and the like meters in a region are roughly the same time – but those times tended to be based on 60s-80s electrical usage patterns: but we don’t have many coal mines, steel factories, and other heavy usage factories nowadays – and in some areas, most people work 9-5 jobs meaning ‘peak times’ are now 9-5 instead of the traditional 6-2pm for factories. Smart meters will allow these times to be adjusted in smaller regions (or even nationwide) as the grid supply/demand curve changes: ensuring we don’t need too many generators ‘available’ at a time which then go idle 75% of the time.

On the flip side, have a look at my list of reasons why you perhaps shouldn’t get a smart meter.

No matter who you get your gas/electricity from, you do want it to be cheap and environmentally friendly – perhaps consider switching to Bulb Energy. I’ve been with them since December 2017 and am more than happy with them (in fact, the majority of this post has been copied from a post I originally wrote on their community forums), and if you switch using my affiliate link here, we’ll both be credited with £50 and you’ll get 100% renewable electricity, 10%+ green gas and lower costs than the ‘big six’ and most of the other suppliers.