Sunday, November 8, 2009
SSH server for Windows, and the winner is…
I’ve spent part of the weekend testing a pool of candidates for serving as SSH servers on a Windows XP machine (the OS is not chose by me, and cannot be changed).
Requirements:
- The server will be accessed using ssh clients, scp command, sftp, and svn+ssh.
- The server has to be free (as in beer, but open source solutions are preferred).
As I just said, the winner is Copssh, while the losers are freeSSHd and KpyM. Let’s go now to the motivations:
Both freeSSHd and KpyM have simple and intuitive installation processes and user interfaces which made me think they could be easier to handle with respect to the openssh/cygwin solution, but…
Copssh is a wrapper package that wraps an openssh/cygwin installation, and it plays its wrapper role very well.
The installation process requires just a few clicks on a wizard-style interface. Copssh also adds a start menu group with the options for adding and removing ssh users. The add user program allows very easily to create and properly place the private/public keys for public key authentication.
This two features (simple setup and simple user management) are the only thing that were missing from the original openssh/cygwin solution, and copssh completes this gap.
The additional configuration parameters can be changed by modifying a clearly-documented text file.
For example, in order to disable password based authentication, thus leaving active only the public key authentication, one can set
PasswordAuthentication no
in the sshd_config file, and it is all done.
With respect to the quality of the SSH server, I think that it wins hands down on the competitors, with a special mention for the responsiveness of shell and file browsing. On freeSSHd I’ve experienced a number of issues while remotely browsing files from Ubuntu, and also to get public key authentication to work. The fundamental issue with KpyM is the choice of the author of requiring a serial key in order to remove a five second nag screen displayed at shell login.
Do you know any other alternative to test?