Installing FreeSSHd to support WiSSH Clients
FreeSSHd is a new SSH daemon server that runs directly on Windows NT or better. Running directly on Windows keeps your network homogenous and you will not have to introduce Linux or UNIX servers into the mix of systems you already need to support. This also makes it very easy to keep your remote access passwords in synch with your standard Windows network passwords. FreeSSHd uses standard Windows authentication and/or private/public keys for two factor authentication.
This how-to will quickly get your system installed and will show you the fastest way to get your remote access solution in production.
Install your server hardware and operating system. This server should be fully patched and secured. SSH tunneling requires very little system horsepower, and it is usually acceptable to run on older hardware.
You must secure this system from the Internet! If you leave the system unprotected, you will be compromised. The only requirement is that you leave the SSH port (22 tcp) open to the internet, and the RDP (3389 tcp) and DNS (53 udp) ports open to the internal network. If you have a DMZ, this is optimal. However, even software based local firewalls will help. Please see our technology documents for more information as to what requirements for your firewalls. Depending on if you want to allow domain or Active Directory authentication, you may need to allow additional ports to your internal network, usually NetBIOS (137 tcp).
 FreeSSHd Control Panel |
First, download the current release of FreeSSHd.
Run the installation on the server. Once it completes, run the software and click the icon in
the system tray.
You should see the SSH server running. Only the screens that are required to make WiSSH run will be covered. The documentation included with FreeSSHd will guide you for any other required settings. |
 FreeSSHd Authentication |
On the SSH / Authentication page, you can enable password and/or public key authentication methods.
The path shown for public keys says that a key will be stored in the ssh_public_keys folder in each
user's home directory. The file must be named the same as the user ID. For example: c:\documents and settings\JoeUser\ssh_public_keys\JoeUser If you want to require only Public key authentication, set it to Required, and change Password authentication to Disabled. |
 FreeSSHd User Restrictions |
The user restrictions tab is extremely important. As of version 1.05, FreeSSHd does not support
domain or Active Directory accounts, only local accounts. So you will need to create and configure
local accounts for any remote access users. Passwords will not be synchronized with the domain.
Domain accounts are scheduled to be included in the near future. On this screen, select the users that are allowed access, and give them Tunnel access. Shell and SFTP access are not required for WiSSH functionality. |
WiSSH Connection
WiSSH should now connect successfully to the server. If you have issues, please view both the WiSSH client log and you can enable the FreeSSHd log on the server. You may need to verify that the necessary ports are available on the server, and that the server can resolve the client hostnames. Remember, the Hostname entered in WiSSH is from the point of view of the SSH server.
For more information on FreeSSHd, please view their support forums. It should answer many of your questions about the software and help you to further configure it to meet your needs.
