@echo off
REM Delayed expansion is switched on, although no delayed variable reference
REM appears in this script.
setlocal EnableDelayedExpansion

REM ============================================================
REM Phase 7.x SSH diagnostics
REM Reads sshd_config and the OpenSSH event log to see why the
REM connection is closed right after KEX (before any pubkey attempt).
REM Right-click -> "Run as administrator"
REM
REM The report holds the active sshd_config lines, OpenSSH event log
REM messages, the sshd_config ACL, a host key file listing and the lines of
REM administrators_authorized_keys. The upload step at the end of the script
REM sends this report to the /submit endpoint on AGENT_HOST.
REM ============================================================

REM Report file on the desktop of the user running the script.
set "OUTFILE=%USERPROFILE%\Desktop\PHASE7X_SSH_DIAG.txt"
REM Host that receives the report in the upload step.
set "AGENT_HOST=bridge.xxbillion.ai"
REM sshd configuration file that the sections below inspect.
set "SSHCFG=C:\ProgramData\ssh\sshd_config"

REM The first echo creates or truncates the report; every later write appends.
echo. > "%OUTFILE%"
echo ============================================ >> "%OUTFILE%"
echo Phase 7.x SSH-Diagnose >> "%OUTFILE%"
echo Datum: %DATE% %TIME% >> "%OUTFILE%"
echo Host : %COMPUTERNAME% >> "%OUTFILE%"
echo ============================================ >> "%OUTFILE%"
echo. >> "%OUTFILE%"

REM Section 1: sshd_config without lines that begin with "#" (/v /b) and
REM without empty lines. Comment lines that are indented stay in the output.
REM A missing file is reported by name instead.
echo --- 1. sshd_config (nur aktive Zeilen, ohne Kommentare) --- >> "%OUTFILE%"
if exist "%SSHCFG%" (
    findstr /v /b "#" "%SSHCFG%" | findstr /r /v "^$" >> "%OUTFILE%" 2>&1
) else (
    echo NICHT VORHANDEN: %SSHCFG% >> "%OUTFILE%"
)
echo. >> "%OUTFILE%"

REM Section 2: every line that contains any of the listed words, shown with
REM its line number (/n) and matched case-insensitively (/i). findstr treats
REM the space-separated words as alternatives, so commented-out directives are
REM listed as well. Nothing is written here when the file is missing.
echo --- 2. sshd_config — Match-Blocks auch fuer Admins zeigen --- >> "%OUTFILE%"
if exist "%SSHCFG%" (
    findstr /n /i "Match Group Admin AllowGroups DenyGroups AllowUsers DenyUsers PermitRootLogin PubkeyAuth PasswordAuth AuthorizedKeysFile" "%SSHCFG%" >> "%OUTFILE%" 2>&1
)
echo. >> "%OUTFILE%"

REM Section 3: service configuration of sshd as printed by "sc qc".
echo --- 3. sshd Service-Konfiguration --- >> "%OUTFILE%"
sc qc sshd >> "%OUTFILE%" 2>&1
echo. >> "%OUTFILE%"

REM Section 4: up to 15 events from the OpenSSH/Operational log, one per line
REM as [time] [level] message.
REM NOTE(review): -ErrorAction SilentlyContinue hides Get-WinEvent errors, so
REM an empty section can mean either no events or a failed query (for example
REM a missing log or insufficient rights).
REM NOTE(review): the event messages end up in a report that is uploaded
REM later; they may name accounts and client addresses. Confirm this is
REM acceptable for the receiving host.
echo --- 4. OpenSSH-Event-Log letzte 15 Eintraege --- >> "%OUTFILE%"
powershell -NoProfile -Command "Get-WinEvent -LogName 'OpenSSH/Operational' -MaxEvents 15 -ErrorAction SilentlyContinue | ForEach-Object { Write-Output ('[' + $_.TimeCreated.ToString('HH:mm:ss') + '] [' + $_.LevelDisplayName + '] ' + $_.Message) }" >> "%OUTFILE%" 2>&1
echo. >> "%OUTFILE%"

REM Section 5: ACL of sshd_config as printed by icacls. The heading written
REM to the report gives the reason: a config writable by non-admins.
echo --- 5. sshd_config-File-Permissions (sshd ignoriert config wenn schreibbar fuer non-admins) --- >> "%OUTFILE%"
icacls "%SSHCFG%" >> "%OUTFILE%" 2>&1
echo. >> "%OUTFILE%"

REM Section 6: key-based login to the local sshd, which bypasses the tunnel.
REM BatchMode=yes makes ssh fail instead of prompting, and ConnectTimeout=4
REM bounds the wait. A successful login prints LOOPBACK-OK into the report.
REM NOTE(review): StrictHostKeyChecking=no switches off host key verification.
REM That is tolerable here only because the target is localhost; the option
REM should not be carried over to commands that reach remote hosts.
REM NOTE(review): the private key path and the account name are hard-coded
REM for the Administrator profile. Confirm they match the account and key
REM that the tunnel actually uses.
echo --- 6. Test: lokaler Loopback ssh test (umgeht den Tunnel) --- >> "%OUTFILE%"
echo Verbinde dich selbst zu deinem eigenen sshd via ssh localhost: >> "%OUTFILE%"
ssh -o BatchMode=yes -o ConnectTimeout=4 -o StrictHostKeyChecking=no -i C:\Users\Administrator\.ssh\adb_tunnel_id_ed25519 Administrator@localhost "echo LOOPBACK-OK" >> "%OUTFILE%" 2>&1
echo. >> "%OUTFILE%"

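REM Section 7: directory listing of the sshd host key files. Only names,
REM sizes and timestamps are written; the key material itself is not read.
REM The file redirection has to come before the stderr-to-stdout duplication.
REM In the reverse order the error text of dir (for example "file not found")
REM goes to the console and never reaches the report, unlike every other
REM section of this script.
echo --- 7. Welche Hostkeys hat sshd? --- >> "%OUTFILE%"
dir "C:\ProgramData\ssh\ssh_host_*key" >> "%OUTFILE%" 2>&1
echo. >> "%OUTFILE%"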

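REM Section 8: format check of administrators_authorized_keys.
REM Writes the byte count, a hex dump of at most the first 50 bytes
REM (presumably to reveal a BOM or a non-ASCII encoding; confirm) and every
REM line wrapped in brackets so stray whitespace becomes visible.
REM Both reads are wrapped in an array so that an empty or one-line file
REM yields a correct count, and the hex dump takes only the bytes that exist
REM instead of indexing past the end. A missing file is reported by name,
REM matching the message used in section 1.
REM NOTE(review): the key lines, including their comment fields, become part
REM of the report that is uploaded later. They are public keys, but they still
REM show which identities have admin access to this host.
echo --- 8. Pruefe ob administrators_authorized_keys-Inhalt korrekt formatiert --- >> "%OUTFILE%"
powershell -NoProfile -Command "$f='C:\ProgramData\ssh\administrators_authorized_keys'; if (Test-Path -LiteralPath $f) { $bytes = @(Get-Content -Encoding Byte -LiteralPath $f); Write-Output ('Bytes total: ' + $bytes.Length); Write-Output ('First 50 bytes hex: ' + (($bytes | Select-Object -First 50 | ForEach-Object { '{0:X2}' -f $_ }) -join ' ')); $lines = @(Get-Content -LiteralPath $f); Write-Output ('Zeilen: ' + $lines.Count); $lines | ForEach-Object { Write-Output ('  Zeile: [' + $_ + ']') } } else { Write-Output ('NICHT VORHANDEN: ' + $f) }" >> "%OUTFILE%" 2>&1
echo. >> "%OUTFILE%"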

REM Closing banner of the report.
echo ============================================ >> "%OUTFILE%"
echo ENDE — Diagnose komplett >> "%OUTFILE%"
echo ============================================ >> "%OUTFILE%"

REM Show the finished report on the console so the operator can read what
REM was collected.
type "%OUTFILE%"

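echo.
echo --- Auto-Send an Agent ---
REM Upload step: POSTs the whole report as text/plain to the /submit endpoint
REM on AGENT_HOST over HTTPS and prints the id field of the response. A failure
REM is printed in red and does not stop the script.
REM The destination is echoed first so the operator sees where the data goes.
REM The report path and host are read inside PowerShell from the inherited
REM environment variables rather than being pasted into the command text, so
REM an apostrophe in the profile path can no longer break out of the quoted
REM string. -ErrorAction Stop turns a failed read of the report into a caught
REM error; before, a failed read led to a request with an empty body.
REM NOTE(review): the upload runs without asking. The report contains sshd
REM settings, event log messages and the authorized admin keys; consider a
REM confirmation prompt if this script is handed to other operators.
REM NOTE(review): the report was written through cmd redirection, so reading
REM it as UTF-8 may garble non-ASCII characters; confirm.
echo Ziel: https://%AGENT_HOST%/submit
powershell -NoProfile -ExecutionPolicy Bypass -Command "try { $b = Get-Content -Raw -Encoding UTF8 -LiteralPath $env:OUTFILE -ErrorAction Stop; $r = Invoke-RestMethod -Method POST -Uri ('https://' + $env:AGENT_HOST + '/submit') -ContentType 'text/plain; charset=utf-8' -Body $b -TimeoutSec 15; Write-Host ('OK -- Agent hat es: id=' + $r.id) -ForegroundColor Green } catch { Write-Host ('FEHLER Auto-Send: ' + $_.Exception.Message) -ForegroundColor Red }"

echo.
REM Keep the window open so the result stays readable.
pause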
