Despite the workarounds which work for the 64-bit Windows 8.1 with Update,

they do not seem to work for the 32-bit version.  It looks like the
32-bit version of openssh with the heartbleed fix needs to be rebased.  For
now, reverting back to the older version.  Be careful what you do on a 32-bit
VM, as it is heartbleed-vulnerable

Author: Mischa Taylor

Makefile

@@ -92,6 +92,11 @@ $(VMWARE_BOX_DIR)/win81x64-enterprise$(BOX_SUFFIX): win81x64-enterprise.json
 	mkdir -p $(VMWARE_BOX_DIR)
 	packer build -only=$(VMWARE_BUILDER) $(PACKER_VARS) -var "iso_url=$(WIN81_X64_ENTERPRISE)" $<
 
+$(VMWARE_BOX_DIR)/win81x86-enterprise$(BOX_SUFFIX): win81x86-enterprise.json
+	rm -rf $(VMWARE_OUTPUT)
+	mkdir -p $(VMWARE_BOX_DIR)
+	packer build -only=$(VMWARE_BUILDER) $(PACKER_VARS) -var "iso_url=$(WIN81_X86_ENTERPRISE)" $<
+
 #win2008r2-datacenter-cygwin.json
 	#win2008r2-datacenter.jso
 #win2008r2-enterprise-cygwin.jso
@@ -170,6 +175,11 @@ $(VIRTUALBOX_BOX_DIR)/win81x64-enterprise$(BOX_SUFFIX): win81x64-enterprise.json
 	mkdir -p $(VIRTUALBOX_BOX_DIR)
 	packer build -only=$(VIRTUALBOX_BUILDER) $(PACKER_VARS) -var "iso_url=$(WIN81_X64_ENTERPRISE)" $<
 
+$(VIRTUALBOX_BOX_DIR)/win81x86-enterprise$(BOX_SUFFIX): win81x86-enterprise.json
+	rm -rf $(VIRTUALBOX_OUTPUT)
+	mkdir -p $(VIRTUALBOX_BOX_DIR)
+	packer build -only=$(VIRTUALBOX_BUILDER) $(PACKER_VARS) -var "iso_url=$(WIN81_X86_ENTERPRISE)" $<
+
 list:
 	@for builder in $(BUILDER_TYPES) ; do \
 		for box_filename in $(BOX_FILENAMES) ; do \

floppy/openssh.bat

@@ -8,7 +8,10 @@ if not defined TEMP set TEMP=%USERPROFILE%\AppData\Local\Temp
 if exist "%SystemDrive%\Program Files (x86)" (
   set OPENSSH_URL="http://www.mls-software.com/files/setupssh-6.6p1-1-v1(x64).exe"
 ) else (
-  set OPENSSH_URL="http://www.mls-software.com/files/setupssh-6.6p1-1-v1.exe"
+:: Does not seem to work on 32-bit Windows 8.1 with Update, using
+:: pre-heartbleed patch (for now)
+::  set OPENSSH_URL="http://www.mls-software.com/files/setupssh-6.6p1-1-v1.exe"
+  set OPENSSH_URL="http://www.mls-software.com/files/setupssh-6.4p1-1.exe"
 )
 
 for %%i in (%OPENSSH_URL%) do SET OPENSSH_EXE="%TEMP%\%%~nxi"
@@ -31,11 +34,13 @@ cmd /c "%OPENSSH_EXE%" /S /port=22 /privsep=1 /password=D@rj33l1ng
 
 echo ==^> Stopping opensshd
 sc stop opensshd
+timeout 10
 
 echo ==^> Setting temp location
 rd /S /Q "%ProgramFiles%\OpenSSH\tmp"
 cmd /c ""%ProgramFiles%\OpenSSH\bin\junction.exe" /accepteula "%ProgramFiles%\OpenSSH\tmp" "%windir%\Temp""
 cmd /c %windir%\System32\icacls.exe "%TEMP%" /grant %USERNAME%:(OI)(CI)F
+mkdir "%USERPROFILE%\.ssh"
 powershell -Command "Add-Content %USERPROFILE%\.ssh\environment 'APPDATA=%SystemDrive%\Users\%USERNAME%\AppData\Roaming'"
 powershell -Command "Add-Content %USERPROFILE%\.ssh\environment 'CommonProgramFiles=%SystemDrive%\Program Files\Common Files'"
 powershell -Command "Add-Content %USERPROFILE%\.ssh\environment 'LOCALAPPDATA=%SystemDrive%\Users\%USERNAME%\AppData\Local'"
@@ -59,13 +64,6 @@ if exist "%SystemDrive%\Program Files (x86)" (
 echo ==^> Record the path for use by provisioners
 <nul set /p ".=%PATH%" > %TEMP%\PATH
 
-echo ==^> Ensuring vagrant can login
-mkdir "%USERPROFILE%\.ssh"
-cmd /c %windir%\System32\icacls.exe "%USERPROFILE%" /grant %USERNAME%:(OI)(CI)F
-cmd /c %windir%\System32\icacls.exe "%ProgramFiles%\OpenSSH\bin" /grant %USERNAME%:(OI)RX
-cmd /c %windir%\System32\icacls.exe "%ProgramFiles%\OpenSSH\usr\sbin" /grant %USERNAME%:(OI)RX
-powershell -Command "(Get-Content '%ProgramFiles%\OpenSSH\etc\passwd') | Foreach-Object { $_ -replace '/home/(\w+)', '/cygdrive/c/Users/$1' } | Set-Content '%ProgramFiles%\OpenSSH\etc\passwd'"
-
 echo ==^> Fixing opensshd to not be strict
 powershell -Command "(Get-Content '%ProgramFiles%\OpenSSH\etc\sshd_config') | Foreach-Object { $_ -replace 'StrictModes yes', 'StrictModes no' } | Set-Content '%ProgramFiles%\OpenSSH\etc\sshd_config'"
 powershell -Command "(Get-Content '%ProgramFiles%\OpenSSH\etc\sshd_config') | Foreach-Object { $_ -replace '#PubkeyAuthentication yes', 'PubkeyAuthentication yes' } | Set-Content '%ProgramFiles%\OpenSSH\etc\sshd_config'"
@@ -78,5 +76,12 @@ netsh advfirewall firewall add rule name="SSHD" dir=in action=allow service=Open
 netsh advfirewall firewall add rule name="SSHD" dir=in action=allow program="%ProgramFiles%\OpenSSH\usr\sbin\sshd.exe" enable=yes
 netsh advfirewall firewall add rule name="ssh" dir=in action=allow protocol=TCP localport=22
 
+echo ==^> Ensuring vagrant can login
+mkdir "%USERPROFILE%\.ssh"
+cmd /c %windir%\System32\icacls.exe "%USERPROFILE%" /grant %USERNAME%:(OI)(CI)F
+cmd /c %windir%\System32\icacls.exe "%ProgramFiles%\OpenSSH\bin" /grant %USERNAME%:(OI)RX
+cmd /c %windir%\System32\icacls.exe "%ProgramFiles%\OpenSSH\usr\sbin" /grant %USERNAME%:(OI)RX
+powershell -Command "(Get-Content '%ProgramFiles%\OpenSSH\etc\passwd') | Foreach-Object { $_ -replace '/home/(\w+)', '/cygdrive/c/Users/$1' } | Set-Content '%ProgramFiles%\OpenSSH\etc\passwd'"
+
 echo ==^> Deleting "%OPENSSH_EXE%"
 del "%OPENSSH_EXE%"

floppy/zz-start-sshd.cmd

@@ -14,3 +14,4 @@ sc query opensshd >nul 2>nul && set SSH_SERVICE=opensshd
 
 echo ==^> Starting the %SSH_SERVICE% service
 sc start %SSH_SERVICE%
+timeout 10

win81x86-enterprise.json

@@ -25,8 +25,8 @@
         "floppy/_download.cmd",
         "floppy/_packer_config.cmd",
         "floppy/passwordchange.bat",
-        "floppy/zz-start-sshd.cmd",
-        "floppy/openssh.bat"
+        "floppy/openssh.bat",
+        "floppy/zz-start-sshd.cmd"
       ],
       "tools_upload_flavor": "windows",
       "shutdown_command": "shutdown /s /t 1 /f /d p:4:1 /c 'Packer Shutdown'",