5_15_2016
manojampalam released this 15 May 20:28
_This is a pre-release (non-production ready)_
The release adds the following security enhancements:
- sshd now runs in the context of a restricted service account. This account (visible in Task Manager as "sshd") has only SeAssignPrimaryTokenPrivilege, which is required to spawn session processes under the client's context.
- ssh-agent is implemented for Windows as a service running as "SYSTEM". It executes key-related privileged operations on sshd's behalf. It differs from the UNIX version of ssh-agent in that it provides persistent storage of ssh private keys (both user and host). The keys are locked using the user's password (using Data Protection APIs). The storage is ACLed to SYSTEM only. As long as the system is root-trusted, this ensures that the private keys are protected from malware. This also provides a single sign-on experience for Windows. Additional details
- The ssh-agent service can be started by any user but can only be stopped by an admin.
- Keys can be added to ssh-agent using ssh-add. The following flags are supported: -l, -L, -d, -D.
- See the wiki for details on how to register and secure host keys.
- ssh-agent also implements key-based authentication for Windows. This includes verifying the signature, authorizing the public key and generating the client token. Support for domain accounts is now added.
- ssh-lsa from previous versions needs to be uninstalled and replaced with the latest version. See the wiki for details on how to do this.
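
The claim that any user can start the ssh-agent service while only an admin can stop it can be checked against the service's security descriptor, where RP means start and WP means stop. The following PowerShell is an added example, not part of the release notes or the project's code; the function names, the constructed sample SDDL string and the service name `ssh-agent` passed to sc.exe are assumptions.

```powershell
# Service-specific meaning of the SDDL rights codes checked below.
$RightNames = @{ RP = 'Start'; WP = 'Stop'; DC = 'ChangeConfig'
                 SD = 'Delete'; WD = 'WriteDac'; WO = 'WriteOwner' }
# Trustees expected to hold control rights: Local System, built-in Administrators.
$Privileged = @('SY', 'BA')

function Get-ServiceDaclEntry {
    param([Parameter(Mandatory)][string]$Sddl)
    # Isolate the DACL ACEs: "D:", optional flags such as PAI, then (ace)(ace)...
    $dacl = [regex]::Match($Sddl, 'D:[A-Z]*((?:\([^)]*\))+)')
    if (-not $dacl.Success) { throw 'No DACL found in SDDL string' }
    foreach ($m in [regex]::Matches($dacl.Groups[1].Value, '\(([^)]*)\)')) {
        # ACE fields: type;flags;rights;object-guid;inherit-guid;trustee
        $f = $m.Groups[1].Value -split ';'
        if ($f.Count -ne 6) { throw "Malformed ACE: $($m.Value)" }
        # Assumption: rights use two-letter codes; hex masks are not decoded.
        if ($f[2] -match '^0x') { throw "Hex access mask not supported: $($m.Value)" }
        [pscustomobject]@{
            Type    = $f[0]
            Trustee = $f[5]
            Rights  = @([regex]::Matches($f[2], '[A-Z]{2}') | ForEach-Object { $_.Value })
        }
    }
}

function Test-AgentServiceDacl {
    param([Parameter(Mandatory)][string]$Sddl)
    # Only allow ACEs are evaluated; deny ACEs are ignored in this sketch.
    $aces = @(Get-ServiceDaclEntry -Sddl $Sddl | Where-Object { $_.Type -eq 'A' })
    # Control rights held by anyone other than SYSTEM or Administrators.
    $findings = foreach ($ace in ($aces | Where-Object { $_.Trustee -notin $Privileged })) {
        foreach ($r in ($ace.Rights | Where-Object { $_ -in 'WP', 'DC', 'SD', 'WD', 'WO' })) {
            "$($ace.Trustee) is granted $($RightNames[$r])"
        }
    }
    # Broad groups: AU Authenticated Users, IU Interactive, BU Users, WD Everyone.
    $starters = @($aces | Where-Object {
        $_.Trustee -in @('AU', 'IU', 'BU', 'WD') -and $_.Rights -contains 'RP' })
    [pscustomobject]@{
        UsersCanStart     = $starters.Count -gt 0
        UnexpectedControl = @($findings)
    }
}

# Constructed sample descriptor, not the project's actual one. On a live host
# (service name assumed): $sddl = (sc.exe sdshow ssh-agent | Where-Object { $_ }) -join ''
$sample = 'D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)' +
          '(A;;CCLCSWRPLOCRRC;;;AU)'
Test-AgentServiceDacl -Sddl $sample
```

A descriptor that matches the release note yields `UsersCanStart` true and an empty `UnexpectedControl` list; any entry in that list names a non-admin trustee holding stop, reconfigure, delete or ownership rights on the service.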
Known REGRESSIONS in this release:
- Secure loading of the user profile is currently being worked on. Logging in using ssh and sftp will take you to %Windir%. If you are blocked on this, the workaround is to run sshd as Local System instead. This is being tracked as this issue