Tag: Powershell Remoting

Copy files to Azure VM using PowerShell Remoting

Copy Files to Azure VM using PowerShell Remoting

There are a couple of different cases you want to copy files to Azure virtual machines. To copy files to Azure VM, you can use PowerShell Remoting. This works with Windows and Linux virtual machines using Windows PowerShell 5.1 (Windows only) or PowerShell 6 (Windows and Linux). Check out my blog post at the ITOpsTalk.com about copying files from Windows to Linux using PowerShell Remoting.

Prepare your client machine

Prepare the client machine to create PowerShell Remote connections to a specific remote VM.

Set-Item WSMan:localhost\client\trustedhosts -value "AZUREVMIP"

You can also enable remoting to all machines by using an asterisk.

Set-Item WSMan:localhost\client\trustedhosts -value *

Copy Files to Windows Server Azure VM

If you want to copy files to an Azure VM running Windows Server, you have two options. If you are copying files from Windows to Windows, you can use Windows PowerShell Remoting; if you are copying files from Linux or macOS to Windows, you can use the cross-platform PowerShell 6 and PowerShell Remoting over SSH.

Using Windows PowerShell Remoting

To copy files from a Windows machine to a Windows Server running in Azure, you can use Windows PowerShell Remoting.

Prepare the host (Azure VM) to receive Windows PowerShell remote commands. The Enable-PSRemoting cmdlet configures the computer to receive Windows PowerShell remote commands that are sent by using the WS-Management technology.

Enable-PSRemoting -Force

Now you can create a new PowerShell Remoting session to the Azure VM.

$cred = Get-Credential
 
$s = New-PSSession -ComputerName "AZUREVMIPORNAME" -Credential $cred

After the session was successfully created, you can use the copy-item cmdlet with the -toSession parameter.

Copy-Item .\windows.txt C:\ -ToSession $s

Some important notes

  • You need to configure the Network Security Group for the Azure VM to allow port 5985 (HTTP) or 5986 (HTTPS)
  • You can use PowerShell Remoting over Public Internet or Private connectivity (VPN or Express Route). If you are using the Public Internet, I highly recommend that you use https. I also recommend that you use Just-in-time virtual machine access in Azure Security for public exposed ports.

Using PowerShell Core 6 PowerShell Remoting over SSH

If you are running PowerShell Core 6, you can use PowerShell Remoting over SSH. This gives you a simple connection and cross-platform support. First, you will need to install PowerShell 6. After that, you will need to configure and setup PowerShell SSH Remoting together with OpenSSH. You can follow my blog post to do this here: Setup PowerShell SSH Remoting in PowerShell 6

Now you can create a new PowerShell Remoting session to the Azure VM.

$s = New-PSSession -HostName "AZUREVMIPORNAME" -UserName

After the session was successfully created, you can use the copy-item cmdlet with the -toSession parameter.

Copy-Item .\windows.txt C:\ -ToSession $s

Some important notes

  • You need to configure the Network Security Group for the Azure VM to allow port 22 (SSH)
  • You can use PowerShell Remoting over Public Internet or Private connectivity (VPN or Express Route). Exposing the SSH port to the public internet maybe is not secure. If you still need to use a public SSH connection, I recommend that you use Just-in-time virtual machine access in Azure Security.

Copy Files to Linux Azure VM

Copy File Windows to Linux using PowerShell Remoting

If you want to copy files to a Linux VM running in Azure, you can make use of the cross-platform PowerShell capabilities of PowerShell 6, using PowerShell Remoting over SSH. As for the Windows virtual machines, you will need to install PowerShell 6. Next, you will need to configure and setup PowerShell SSH Remoting together with OpenSSH. You can follow my blog post to do this here: Setup PowerShell SSH Remoting in PowerShell 6

After installing and configuring PowerShell Remoting over SSH, you can create a new PowerShell Remoting session to the Azure VM.

$s = New-PSSession -HostName "AZUREVMIPORNAME" -UserName

After you successfully connected to your Azure VM, you can use the copy-item cmdlet with the -toSession parameter.

Copy-Item .\windows.txt /home/thomas -ToSession $s

I hope this gives you an overview about how you can copy files to Azure VMs using PowerShell Remoting. If you have any questions, let me know in the comments.



PowerShell SSH Remoting Linux to Windows

Setup PowerShell SSH Remoting in PowerShell 6

With PowerShell version 6, Microsoft introduced PowerShell Remoting over SSH, which allows true multiplatform PowerShell remoting between Linux, macOS and Windows. PowerShell SSH Remoting creates a PowerShell host process on the target machine as an SSH subsystem. Normally, PowerShell remoting uses WinRM for connection negotiation and data transport, however WinRM is only available on Windows based machines.

There are also some downsides to it. SSH-based remoting doesn’t currently support remote endpoint configuration and JEA (Just Enough Administration). It is also important to understand, that this is not just another PowerShell SSH client.

Use SSH Transport with PowerShell Remoting

To use PowerShell remoting with SSH you can use the same cmdlets, you know from PowerShell remoting with WinRM.

  • New-PSSession
  • Enter-PSSession
  • Invoke-Command

There are 3 new parameters for these cmdlets, if you are using PowerShell SSH remoting.

  • -HostName (Instead of -Computername, you define the SSH target)
  • -UserName (Instead of -Credentials you use the -UserName parameter)
  • -KeyFilePath (If you are using SSH key authentication you can use the -KeyFilePath parameter to point to the key file)
 
New-PSSession -HostName tomsssh.server.com -UserName thomas


PowerShell Direct Enter-PSSession

Hyper-V PowerShell Direct

One of the new features of Hyper-V in Windows Server 2016 and Windows 10 is called PowerShell Direct. PowerShell Direct lets you remotely connect to a Virtual Machine running on a Hyper-V host, without any network connection inside the Virtual Machine. PowerShell Direct uses the Hyper-V VMBus to connect inside the Virtual Machine. This feature is convenient if you need it for automation and configuration for Virtual Machines or if you for example messed up network configuration inside the virtual machine and you don’t have console access.

Right now, there are two ways to use PowerShell Direct:

  • Create and exit a PowerShell Direct session using PSSession cmdlets
  • Run script or command with the Invoke-Command cmdlet
  • Use the PowerShell Direct session to copy files using the copy-item cmdlet

Requirements:

  • The virtual machine must be running locally on the Hyper-V host and must be started.
  • You must be logged into the host computer as a Hyper-V administrator.
  • You must supply valid user credentials for the virtual machine.
  • The host operating system must run Windows 10, Windows Server 2016, or a higher version.
  • The virtual machine must run Windows 10, Windows Server 2016, or a higher version.

PowerShell Direct examples

You can open a new interactive PowerShell Direct Session:

PowerShell Direct Enter-PSSession

Enter-PSSession -VMName "VM01" -Credential (Get-Credential)

PowerShell Direct Invoke-Command

You can use Invoke-Command to send script blocks to your Hyper-V Virtual Machines.

Invoke-Command -VMName "VM01" -Credential (Get-Credential) -ScriptBlock { Get-Process }

You can also create a PowerShell Direct session and use the Copy-Item -ToSession cmdlet to copy files to or from the VM.

$s = New-PSSession -VMName "VM01" -Credential (Get-Credential)
Copy-Item C:\Files C:\Targetfiles -ToSession $s

Remember it, this is not the same as PowerShell Remoting, even if it uses the same cmdlets. With that, not everything is working using PowerShell Direct, for some scenarios, PowerShell Remoting works differently. If you want to do this with Linux virtual machines, there is a tool called hvc.exe, which allows you to do the same.

If you want to know more about PowerShell Direct, check out the Microsoft Docs pages.



Run Remote Powershell Commands on multiple standalone Computers

Powershell Header

With this little Powershell Script you can run Powershell Commands on multiple Remotehosts even if those are not in an Active Directory.

# Config
$Servers = @("Server01", Server02)
$Cred = Get-Credential # Add Credentials for all Servers (Domain or non-Domain)
 
# Run Command (for example Get-Service | Where-Object {$_.Name -eq "BITS"}
foreach ($Server in $Servers) {
	Invoke-Command -ComputerName $Server -Credential $Cred {Get-Service | Where-Object {$_.Name -eq "BITS"}}
}

Important:

You have to enable Powershell Remoting on the Remotehost with Enable-PSRemoting



Quick Powershell Remoting Guide

Powershell HeaderThis is small guide which allows you to create Remote Powershell Sessions (like SSH). It allows you to create connection to Host which have Powershell Version 2.

  • Allow Powershell Remoting on the Remotehost
  • Add Trusted Hosts on the Localcomputer
  • Create a new Remotesession
  • Leave a Powershell Remotesession
  • Close a Powershell Remotesession
  • Send a command to a Remotehost

Allow Powershell Remoting on the Remotehost

Run Powershell 2.0 on the Remotehost and run the following Cmdlet.

Enable-PSRemoting

This command starts the WinRM service if it’s not allready started and sets the startup type to automatic. Adds firewall exceptions for WS-Management communications and creates a listener to accept requests.

Add Trusted Hosts on the Localcomputer

On the Local Computer run Powershell and run the following Cmdlet. This allows you to connect to any host. It also starts WinRM if its not already started.

Set-Item WSMan:\localhost\Client\TrustedHosts *

After that you may have to restart the WinRM service

Restart-Service winrm -Force

Create a new Powershell Remotesession

There are two ways to create a new PS Remotesession.

New-PSSession -ComputerName Server01

With Get-PSSession you can list all active sessions. Now you can enter a active Session with Enter-PSSession and the ID

Enter-PSSession 2

A quicker way to do that, you can simply use Enter-PSSession to create a new Session and directly connect to this Session.

Enter-PSSession -ComputerName Server02

Leave a Powershell Remotesession

To leave a Powershell Remotesession you can simply use the Exit-PSSession

Exit-PSSession

Close a Powershell Remotesession

To close a Powershell Remotesession you can list all  active Sessions with Get-PSSessions and close them with Remove-PSSession.

Get-PSSession | Remove-PSSession

Send a command to a Remotehost

To run a command on a Remotehost you can use the -ComputerName parameter.

Get-Service -ComputerName Server02
Get-Service -ComputerName Server02 | Where-Object {$_.Name -eq "BITS"}

With this little snippet you can run commands on multiple Hosts

 
$Servers = @("Server01", "Server02")
 
foreach ($Server in $Servers) {
 
Write-Host "Server: " $server
 
Get-Service -ComputerName $server | Where-Object {$_.Name -eq "BITS"}
 
}