Installing Ubuntu Server on your New Virtual Machine

<< Creating the Virtual Machine

With our VM setup and booted to the Ubuntu installer we can go ahead and install the OS. Follow the steps below to install Ubuntu Server. You can use Space to select things, Tab and Arrow keys to navigate the installer UI.

Time needed: 20 minutes.

Installing Ubuntu Server

  1. Select your language

    This is the system language your new OS will use. So make sure you are fluent with it.

  2. Done

  3. Set your preferred keyboard layout

  4. Done

  5. Verify your network connection info

    Make sure your VM is getting an IP from your network, and if not make sure you setup a static address so it can communicate!

  6. Done

  7. Done

  8. Done

  9. Use An Entire Disk

  10. Done

  11. Select your Disk

    It may say “local disk”, “MSFT Disk”, etc.

  12. Enter

  13. Done

  14. Continue

  15. Fill out the following fields:

    Your Name
    Your Server’s Name: <must be all lowercase>
    Pick a username: <must be all lowercase>
    Choose your password
    Confirm your password

  16. Done

  17. Install OpenSSH Server [Checked]

    Don’t worry about the SSH key stuff as we will do this later.

  18. Done

  19. Deselect anything that is enabled in Server Snaps.

    You won’t be using snaps for anything on this server.

  20. Done

  21. Wait for Installation to complete and select reboot.

Post Install

In the event that the installer asks you to remove the installation media, just ignore it and hit enter. Hyper-V will automatically update the boot priority for you. After the reboot process has completed, you will be greeted by a login screen.

Image shows the login screen for the virtual machine
If you happen to get a readout for ssh key gen and cant see the login, click into the VM an hit the Enter key once. This will clear the screen and show the login view.
Image shows the post login screen of the virtual machine after successful login.

After you are logged in, run sudo apt update to update package repositories.

Gif demonstrates the apt-get update command.

Now run sudo apt upgrade -y to update packages.

This next section uses the OpenSSH Client feature in Windows 10 1809+. Prior versions of Windows do not have the ability to add the OpenSSH client feature. You will need to install PuTTy to do SSH connections on prior editions of Windows.

You should update to Windows 10 as Windows 7 is now EOL (End Of Life) as of 14 January, 2020!

Securing the Virtual Machine’s SSH Access via Key File

Next we need to secure SSH access to the virtual machine using a public/private key pair. Start by installing the OpenSSH Client service feature.

# PowerShell [Hyper-V Host] - ELEVATED SESSION
Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'

Name  : OpenSSH.Client~~~~
State : Installed
Name  : OpenSSH.Server~~~~
State : NotPresent

Add-WindowsCapability -Online -Name OpenSSH.Client~~~~
# Change OpenSSH.Client~~~~ to match the version listed from first command!

By default, SSH is done through user/password authentication. To setup key file authentication (which is more secure) we need to first generate a public/private key pair. First SSH to your virtual machine via PowerShell.

# PowerShell [Hyper-V Host]
ssh [email protected]

We will be using ecdsa for our key encryption. However you can use rsa if needed by removing -t ecdsa from the command.

# BASH [Linux VM]
ssh-keygen -t ecdsa -b 521 -C "CHANGE ME TO THE NAME OF YOUR LINUX HOST"

C indicates a comment in the key file. I usually use the hostname for the comment. You can run hostname command in the VM’s cli to get your VM’s hostname if you forgot it after setup.

Additionally if you specify a name during the key pair creation process, you will need to copy the newly created .pub key into the ~/.ssh/authorized_keys directory. Failure to do this will cause key auth to fail. See here (step 4).

Fill out the rest of the information it asks for. You can hit Enter to leave things blank or default. Run ls ~/.ssh/ to verify if your key pair was successfully created.

Obtaining the Virtual Machine’s Private Key

Now we need to copy the private key file to your Windows machine. For simplicity’s sake we will be using an FTP client (FileZilla) to grab the private key file. Connect to your VM via FTP and navigate to /home/YOUR USERNAME/.ssh.

Shows how to connect to the virtual machine using FileZilla's FTP client.
1.Host: sftp://IP.Of.VM
Username: VM UserName
Password: VM User Password
2.Port = 22
3.Navigate to /home/YOUR USER NAME/.ssh
4.Click quickconnect.
5.Double click your private key to download it.

Your key will end up in your default downloads directory. Copy the key to a folder called .ssh in your C:\Users\YOUR USERNAME\ directory.

You can use any FTP client you wish, WSL with scp, or the POSH-SSH PowerShell module to transfer the private key.

# PowerShell [Hyper-V Host]
Install-Module -Name Posh-SSH
$credential = Get-Credential
mkdir $ENV:UserProfile\.ssh
Get-SCPFile -ComputerName 'Linux Hostname/ip' -Credential $credential -RemoteFile '~/.ssh/id_ecdsa' -LocalFile $ENV:UserProfile\.ssh\id_ecdsa
Uninstall-Module -Name Posh-SSH

Thanks Scott H for verifying the SSH steps for the Posh-SSH module and helping me fix the command structure!

WSL Users: Open a bash session locally and use SCP to obtain the ssh key!

# BASH via WSL [Hyper-V Host]
scp [email protected]:~/.ssh/id_ecdsa /mnt/c/Users/YOURUSERNAME/.ssh/id_ecdsa

After we copy down the private key file we can test the SSH connection via the OpenSSH client package built into Windows 10 1809+.

# PowerShell [Hyper-V Host]
Start-Service ssh-agent
ssh-add $ENV:UserProfile\.ssh\id_ecdsa
Restart-Service ssh-agent

ssh -i $ENV:UserProfile\.ssh\id_ecdsa [email protected]

Editing the Virtual Machine’s sshd_config File

If your connection is successful, we can go ahead and disable SSH password auth. To do this we need to edit the sshd_config file in Ubuntu.

# BASH [Linux VM]
sudo nano /etc/ssh/sshd_config

Now find and edit the entries in the config file:

  • PasswordAuthentication no
  • ChallengeResponseAuthentication no
  • UsePAM no

Then hit CTRL+X then Y to save the file and restart the ssh service:

# BASH [Linux VM]
sudo systemctl restart ssh

After running the restart command, you will get disconnected from the VM. Give it a few seconds to a minute and then connect back to your host by running ssh -i $ENV:UserProfile.ssh\id_ecdsa [email protected] again in your PowerShell session.

By the way the Hyper-V console acts as a physical host connection (think monitor, keyboard and mouse) to the VM. Which allows you to use your user/pass to gain access to the VM if SSH access dies for some reason.

Windows 10 SSH Client supports an ssh config file! This file can be placed in the .ssh folder and can use standard UNIX syntax!