Connecting from Linux to Windows

Connecting from Linux to Windows is a harder path; it is clearly undergoing rapid change and is much less mature than connections in the other direction.

Before moving on to configuring SSH, verify that WSMan functions. An HTTPS listener must be set up; HTTP connections are prohibited by newer versions of the PSRP package. If HTTPS is not already available, a self-signed certificate may be created and used as shown in the Remoting and SSL section.

If remoting is not yet configured for PowerShell Core, run the Enable-PSRemoting command in the Core console (as an administrator). Once enabled, find the name of the configuration entry using the Get-PSSessionConfiguration command.

The configuration name may be used to create a session to PowerShell Core that runs on the Windows system:

$params = @{
    HostName          = 'WindowsSystemNameOrIPAddress'
    Credential        = (Get-Credential)
    Authentication    = 'Basic'    
    UseSSL            = $true
    ConfigurationName = 'PowerShell.6.1.1'
}
Enter-PSSession @params

At the time of writing, attempting to connect from Linux to a PowerShell 5.1 session results in an "access denied" error message.

The OpenSSH package must be installed on Windows to continue, as described when configuring the connection from Windows to Linux.

The SSHD service must be installed to allow incoming connections using SSH. A service installation script is included with the OpenSSH package:

& "C:Program FilesOpenSSH-Win64install-sshd.ps1"
Start-Service sshd

If used, Windows Firewall must also be opened:

$params = @{
    DisplayName = $name = 'SSH Daemon (SSH-In)'
    Name        = $name
    Profile     = 'Any'
    LocalPort   = 22
    Protocol    = 'TCP'
}
New-NetFirewallRule @params

Once this step is complete, it should be possible to create an SSH connection from Linux to Windows:

ssh user@WindowsSystemNameOrIPAddress

As with configuring Linux, public key authentication may be allowed, and a subsystem must be configured, this time on the Windows system. The C:ProgramDatasshsshd_config file must be edited.

To enable public key authentication, set PubkeyAuthentication:

PubkeyAuthentication yes

Add a subsystem to the file. This may be specified in addition to any existing subsystem:

Subsystem    powershell    C:/progra~1/PowerShell/6/pwsh.exe -sshs -NoLogo -NoProfile

The sshd service should be restarted after changing the configuration file:

Restart-Service sshd

At this point, it will be possible to create a remoting session using SSH, by entering a password when prompted:

$params = @{
    HostName     = 'WindowsSystemNameOrIPAddress'
    UserName     = $env:USERNAME
    SSHTransport = $true
}
Enter-PSSession @params

Public key authentication may be configured in the same way as was done for Linux. A key can be generated on Linux using the ssh-keygen command.

The public key, by default ~/.ssh/id_rsa.pub, may be added to an authorized_keys file on Windows. The following command, when run on Linux, displays the public key:

Get-Content ~/.ssh/id_rsa.pub

This public key may be added to an authorized_keys file for a user on the Windows system:

$publicKey = 'ssh-rsa AAAABG...'
Set-Content -Path ~/.ssh/authorized_keys -Value $publicKey

At this point, the Linux system will be able to use public key authentication to access the Windows system:

$params = @{
    HostName     = 'WindowsSystemNameOrIPAddress'
    UserName     = $env:USERNAME
    SSHTransport = $true
    KeyFilePath  = '~.sshid_rsa'
}
Enter-PSSession @params

Extending this further, Windows systems running PowerShell Core and the SSH daemon may use SSH as a remoting transport to access other Windows systems.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.139.81.58