Tag: PSSession

PowerShell Remoting over SSH in PowerShell 7

Enable PowerShell SSH Remoting in PowerShell 7

In this blog post, we will have a look at how you can enable and set up PowerShell SSH Remoting or PowerShell Remoting over SSh with PowerShell 7. With PowerShell Core 6, Microsoft introduced PowerShell 7 Remoting over SSH, which allows true multiplatform PowerShell remoting between Linux, macOS, and Windows. PowerShell SSH Remoting creates a PowerShell host process on the target machine as an SSH subsystem. Normally, Windows PowerShell remoting uses WinRM for connection negotiation and data transport. However, WinRM is only available on Windows-based machines.

There are also some downsides to it. SSH-based remoting doesn’t currently support remote endpoint configuration and JEA (Just Enough Administration). It is also important to understand that this is not just another PowerShell SSH client.

Use SSH Transport with PowerShell Remoting

To use PowerShell 7 remoting with SSH on Windows, Linux, and macOS machines, you can use the same cmdlets you are already familiar from Windows PowerShell remoting with WinRM.

  • New-PSSession
  • Enter-PSSession
  • Invoke-Command

There are three new parameters for these cmdlets if you are using PowerShell SSH remoting.

  • -HostName (Instead of -Computername, you define the SSH target)
  • -UserName (Instead of -Credentials you use the -UserName parameter)
  • -KeyFilePath (If you are using SSH key authentication you can use the -KeyFilePath parameter to point to the key file)
New-PSSession -HostName tomsssh.server.com -UserName thomas


Quick Powershell Remoting Guide

Powershell HeaderThis is small guide which allows you to create Remote Powershell Sessions (like SSH). It allows you to create connection to Host which have Powershell Version 2.

  • Allow Powershell Remoting on the Remotehost
  • Add Trusted Hosts on the Localcomputer
  • Create a new Remotesession
  • Leave a Powershell Remotesession
  • Close a Powershell Remotesession
  • Send a command to a Remotehost

Allow Powershell Remoting on the Remotehost

Run Powershell 2.0 on the Remotehost and run the following Cmdlet.

Enable-PSRemoting

This command starts the WinRM service if it’s not allready started and sets the startup type to automatic. Adds firewall exceptions for WS-Management communications and creates a listener to accept requests.

Add Trusted Hosts on the Localcomputer

On the Local Computer run Powershell and run the following Cmdlet. This allows you to connect to any host. It also starts WinRM if its not already started.

Set-Item WSMan:\localhost\Client\TrustedHosts *

After that you may have to restart the WinRM service

Restart-Service winrm -Force

Create a new Powershell Remotesession

There are two ways to create a new PS Remotesession.

New-PSSession -ComputerName Server01

With Get-PSSession you can list all active sessions. Now you can enter a active Session with Enter-PSSession and the ID

Enter-PSSession 2

A quicker way to do that, you can simply use Enter-PSSession to create a new Session and directly connect to this Session.

Enter-PSSession -ComputerName Server02

Leave a Powershell Remotesession

To leave a Powershell Remotesession you can simply use the Exit-PSSession

Exit-PSSession

Close a Powershell Remotesession

To close a Powershell Remotesession you can list all  active Sessions with Get-PSSessions and close them with Remove-PSSession.

Get-PSSession | Remove-PSSession

Send a command to a Remotehost

To run a command on a Remotehost you can use the -ComputerName parameter.

Get-Service -ComputerName Server02
Get-Service -ComputerName Server02 | Where-Object {$_.Name -eq "BITS"}

With this little snippet you can run commands on multiple Hosts

 
$Servers = @("Server01", "Server02")
 
foreach ($Server in $Servers) {
 
Write-Host "Server: " $server
 
Get-Service -ComputerName $server | Where-Object {$_.Name -eq "BITS"}
 
}