Managing Linux, Windows, AWS, and Azure Using PowerShell Core Part 2: PowerShell Remoting Over SSH

Enterprise Social 2

In the first part of this two-part series, I showed you how to use PowerShell Core in Azure Cloud Shell, install Core in Windows and Ubuntu, and how to install modules for managing AWS and Azure. In the second part, I’ll look at how to manage Linux and Windows systems remotely using PowerShell Core.

 

 

PowerShell Remoting and SSH

PowerShell Core’s real selling point is its ability to manage different platforms remotely, whether it be Linux or Windows. You can even create remote PowerShell sessions to Linux and Windows systems at the same time and run commands against all open sessions.

The easiest way to connect to Linux from PowerShell Core is using OpenSSH.

$ubuntuip = “104.214.222.33”
ssh ubuntuadmin@$ubuntuip

The above commands open a terminal session on Linux but you won’t be able to run PowerShell cmdlets even if PowerShell Core is installed on the remote Linux device. To use PowerShell, you’ll need to use standard PowerShell Remoting cmdlets, like Enter-PSSession, and modify the sshd_config config file in Linux to start PowerShell Core when making a remote connection.

If your Linux distribution doesn’t already have SSH installed, you can download and install it using the following two commands:

sudo apt install openssh-client
sudo apt install openssh-server

If you are not familiar with Linux, the sudo command is used to run code with root privileges, which is roughly equivalent to the local administrator account in Windows. In Linux, add the following two lines of code to the sshd_config file, which is located in /etc/ssh. If you’re not familiar with Linux and editing text files, see Edit the Site Manifest in Managing Windows Server with Puppet Part 3: Edit the Site Manifest on Petri, where I show you how to use the vi text editor.

PasswordAuthentication yes
Subsystem powershell /usr/bin/pwsh -sshs -NoLogo -NoProfile

Once you’ve saved the changes to sshd_config, restart the ssh service:

sudo service ssh restart

If you want to use PowerShell Remoting over SSH to connect to Windows Server, you’ll need to install the OpenSSH client for Windows and perform the steps above to modify the sshd_config file (%ProgramData%\ssh\sshd_config) on each remote Windows device.

Modifying the sshd_config file in Linux (Image Credit: Russell Smith)
Modifying the sshd_config File in Linux (Image Credit: Russell Smith)

 

Let’s connect to Linux using PowerShell Remoting over SSH. Note that the -HostName parameter is new and it forces use of SSH. If you use -ComputerName, WinRM will be used instead of SSH. For example, if you want to connect to Windows Server using WinRM, you would use -ComputerName instead of -HostName.

New-PSSession -HostName $ubuntuip -UserName ubuntuadmin
Establish a PowerShell Core remote session using SSH to Linux (Image Credit: Russell Smith)
Establish a PowerShell Core Remote Session Using SSH to Linux (Image Credit: Russell Smith)

 

Once the session is established, you can use Invoke-Command to run a cmdlet on the remote device:

$s = Get-PSSession
Invoke-Command -Session $s -ScriptBlock {Get-Process}

And you can perform all sorts of object-orientated PowerShell goodness. The code below lists all the Bash processes on Linux without having to manipulate a text file to get the information you need, which is what you would have to do if using the Bash shell in Linux.

$processes = Invoke-Command -Session $s -ScriptBlock {Get-Process}
$processes | Where-Object name -like *bash*
Running remote commands on Linux using PowerShell Core Remoting over SSH (Image Credit: Russell Smith)
Running Remote Commands on Linux Using PowerShell Core Remoting Over SSH (Image Credit: Russell Smith)

WinRM vs SSH

Microsoft has chosen SSH as the default protocol for PowerShell Core Remoting because it allows true multiplatform remoting. But in the current release, Core SSH remoting doesn’t support the full feature set of WinRM. For instance, you can’t configure remote endpoints or use Just Enough Administration (JEA). But it seems that Microsoft is planning to add this functionality to Core at some point in the future.

PowerShell Core can’t replace a Linux shell like Bash but it could be useful in scenarios where simple management tasks need to be automated across both Windows and Linux-based devices, where system administrators want to standardize on one set of commands for managing cloud services, or other systems that have modules for PowerShell Core.