Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Cloud Computing

Managing Linux, Windows, AWS, and Azure Using PowerShell Core Part 2: PowerShell Remoting Over SSH

In the first part of this two-part series, I showed you how to use PowerShell Core in Azure Cloud Shell, install Core in Windows and Ubuntu, and how to install modules for managing AWS and Azure. In the second part, I’ll look at how to manage Linux and Windows systems remotely using PowerShell Core.

 

 

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

PowerShell Remoting and SSH

PowerShell Core’s real selling point is its ability to manage different platforms remotely, whether it be Linux or Windows. You can even create remote PowerShell sessions to Linux and Windows systems at the same time and run commands against all open sessions.

The easiest way to connect to Linux from PowerShell Core is using OpenSSH.

$ubuntuip = “104.214.222.33”
ssh [email protected]$ubuntuip

The above commands open a terminal session on Linux but you won’t be able to run PowerShell cmdlets even if PowerShell Core is installed on the remote Linux device. To use PowerShell, you’ll need to use standard PowerShell Remoting cmdlets, like Enter-PSSession, and modify the sshd_config config file in Linux to start PowerShell Core when making a remote connection.

If your Linux distribution doesn’t already have SSH installed, you can download and install it using the following two commands:

sudo apt install openssh-client
sudo apt install openssh-server

If you are not familiar with Linux, the sudo command is used to run code with root privileges, which is roughly equivalent to the local administrator account in Windows. In Linux, add the following two lines of code to the sshd_config file, which is located in /etc/ssh. If you’re not familiar with Linux and editing text files, see Edit the Site Manifest in Managing Windows Server with Puppet Part 3: Edit the Site Manifest on Petri, where I show you how to use the vi text editor.
PasswordAuthentication yes
Subsystem powershell /usr/bin/pwsh -sshs -NoLogo -NoProfile

Once you’ve saved the changes to sshd_config, restart the ssh service:
sudo service ssh restart

If you want to use PowerShell Remoting over SSH to connect to Windows Server, you’ll need to install the OpenSSH client for Windows and perform the steps above to modify the sshd_config file (%ProgramData%\ssh\sshd_config) on each remote Windows device.

Modifying the sshd_config file in Linux (Image Credit: Russell Smith)
Modifying the sshd_config File in Linux (Image Credit: Russell Smith)

 

Let’s connect to Linux using PowerShell Remoting over SSH. Note that the -HostName parameter is new and it forces use of SSH. If you use -ComputerName, WinRM will be used instead of SSH. For example, if you want to connect to Windows Server using WinRM, you would use -ComputerName instead of -HostName.

New-PSSession -HostName $ubuntuip -UserName ubuntuadmin

Establish a PowerShell Core remote session using SSH to Linux (Image Credit: Russell Smith)
Establish a PowerShell Core Remote Session Using SSH to Linux (Image Credit: Russell Smith)

 

Once the session is established, you can use Invoke-Command to run a cmdlet on the remote device:

$s = Get-PSSession
Invoke-Command -Session $s -ScriptBlock {Get-Process}

And you can perform all sorts of object-orientated PowerShell goodness. The code below lists all the Bash processes on Linux without having to manipulate a text file to get the information you need, which is what you would have to do if using the Bash shell in Linux.
$processes = Invoke-Command -Session $s -ScriptBlock {Get-Process}
$processes | Where-Object name -like *bash*

Running remote commands on Linux using PowerShell Core Remoting over SSH (Image Credit: Russell Smith)
Running Remote Commands on Linux Using PowerShell Core Remoting Over SSH (Image Credit: Russell Smith)

WinRM vs SSH

Microsoft has chosen SSH as the default protocol for PowerShell Core Remoting because it allows true multiplatform remoting. But in the current release, Core SSH remoting doesn’t support the full feature set of WinRM. For instance, you can’t configure remote endpoints or use Just Enough Administration (JEA). But it seems that Microsoft is planning to add this functionality to Core at some point in the future.

PowerShell Core can’t replace a Linux shell like Bash but it could be useful in scenarios where simple management tasks need to be automated across both Windows and Linux-based devices, where system administrators want to standardize on one set of commands for managing cloud services, or other systems that have modules for PowerShell Core.

 

Related Topics:

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (0)

Leave a Reply

IT consultant, Contributing Editor @PetriFeed, and trainer @Pluralsight. All about Microsoft, Office 365, Azure, and Windows Server.
Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: