Installing Ubuntu Server on your New Virtual Machine

<< Creating the Virtual Machine

With our VM setup and booted to the Ubuntu installer we can go ahead and install the OS. Follow the steps below to install Ubuntu Server. You can use Space to select things, Tab and Arrow keys to navigate the installer UI.

Post Install

In the event that the installer asks you to remove the installation media, just ignore it and hit enter. Hyper-V will automatically update the boot priority for you. After the reboot process has completed, you will be greeted by a login screen.

After you are logged in, run sudo apt update to update package repositories.

Now run sudo apt upgrade -y to update packages.

This next section uses the OpenSSH Client feature in Windows 10 1809+. Prior versions of Windows do not have the ability to add the OpenSSH client feature. You will need to install PuTTy to do SSH connections on prior editions of Windows.

You should update to Windows 10 as Windows 7 is now EOL (End Of Life) as of 14 January, 2020!

Securing the Virtual Machine’s SSH Access via Key File

Next we need to secure SSH access to the virtual machine using a public/private key pair. Start by installing the OpenSSH Client service feature.

# PowerShell [Hyper-V Host] - ELEVATED SESSION
Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'

# RETURN EXAMPLE:
Name  : OpenSSH.Client~~~~0.0.1.0
State : Installed
Name  : OpenSSH.Server~~~~0.0.1.0
State : NotPresent

# SECOND COMMAND TO RUN:
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
# Change OpenSSH.Client~~~~0.0.1.0 to match the version listed from first command!

By default, SSH is done through user/password authentication. To setup key file authentication (which is more secure) we need to first generate a public/private key pair. First SSH to your virtual machine via PowerShell.

# PowerShell [Hyper-V Host]
ssh [email protected]

We will be using ecdsa for our key encryption. However you can use rsa if needed by removing -t ecdsa from the command.

# BASH [Linux VM]
ssh-keygen -t ecdsa -b 521 -C "CHANGE ME TO THE NAME OF YOUR LINUX HOST"

–C indicates a comment in the key file. I usually use the hostname for the comment. You can run hostname command in the VM’s cli to get your VM’s hostname if you forgot it after setup.

Additionally if you specify a name during the key pair creation process, you will need to copy the newly created .pub key into the ~/.ssh/authorized_keys directory. Failure to do this will cause key auth to fail. See here (step 4).

Fill out the rest of the information it asks for. You can hit Enter to leave things blank or default. Run ls ~/.ssh/ to verify if your key pair was successfully created.

Obtaining the Virtual Machine’s Private Key

Now we need to copy the private key file to your Windows machine. For simplicity’s sake we will be using an FTP client (FileZilla) to grab the private key file. Connect to your VM via FTP and navigate to /home/YOUR USERNAME/.ssh.

Step	Description
1.	Host: sftp://IP.Of.VM Username: VM UserName Password: VM User Password
2.	Port = 22
3.	Navigate to /home/YOUR USER NAME/.ssh
4.	Click quickconnect.
5.	Double click your private key to download it.

Your key will end up in your default downloads directory. Copy the key to a folder called .ssh in your C:\Users\YOUR USERNAME\ directory.

---

You can use any FTP client you wish, WSL with scp, or the POSH-SSH PowerShell module to transfer the private key.

# PowerShell [Hyper-V Host]
Install-Module -Name Posh-SSH
$credential = Get-Credential
mkdir $ENV:UserProfile\.ssh
Get-SCPFile -ComputerName 'Linux Hostname/ip' -Credential $credential -RemoteFile '~/.ssh/id_ecdsa' -LocalFile $ENV:UserProfile\.ssh\id_ecdsa
Uninstall-Module -Name Posh-SSH

Thanks Scott H for verifying the SSH steps for the Posh-SSH module and helping me fix the command structure!

WSL Users: Open a bash session locally and use SCP to obtain the ssh key!

# BASH via WSL [Hyper-V Host]
scp [email protected]:~/.ssh/id_ecdsa /mnt/c/Users/YOURUSERNAME/.ssh/id_ecdsa

---

After we copy down the private key file we can test the SSH connection via the OpenSSH client package built into Windows 10 1809+.

# PowerShell [Hyper-V Host]
Start-Service ssh-agent
ssh-add $ENV:UserProfile\.ssh\id_ecdsa
Restart-Service ssh-agent

# CONNECTION STRING:
ssh -i $ENV:UserProfile\.ssh\id_ecdsa [email protected]

Editing the Virtual Machine’s sshd_config File

If your connection is successful, we can go ahead and disable SSH password auth. To do this we need to edit the sshd_config file in Ubuntu.

# BASH [Linux VM]
sudo nano /etc/ssh/sshd_config

Now find and edit the entries in the config file:

• PasswordAuthentication no
• ChallengeResponseAuthentication no
• UsePAM no

Then hit CTRL+X then Y to save the file and restart the ssh service:

# BASH [Linux VM]
sudo systemctl restart ssh

After running the restart command, you will get disconnected from the VM. Give it a few seconds to a minute and then connect back to your host by running ssh -i $ENV:UserProfile.ssh\id_ecdsa [email protected] again in your PowerShell session.

By the way the Hyper-V console acts as a physical host connection (think monitor, keyboard and mouse) to the VM. Which allows you to use your user/pass to gain access to the VM if SSH access dies for some reason.

Windows 10 SSH Client supports an ssh config file! This file can be placed in the .ssh folder and can use standard UNIX syntax!

---