jlammi/winutil
1
0
Fork 0
mirror of https://github.com/ChrisTitusTech/winutil synced 2026-04-05 22:28:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update Invoke-WinUtilSSHServer.ps1 (#4254)

Browse Source 
* Update Invoke-WinUtilSSHServer.ps1

* fix: correct ssh-agent restart, use USERPROFILE path, add sshd_config idempotency check

* Cleanup for Invoke-WinUtilSSHServer.ps1

* Update Invoke-WinUtilSSHServer.ps1

* Merge branch 'ChrisTitusTech:main' into patch-2

* Update Invoke-WinUtilSSHServer.ps1

* Update Invoke-WinUtilSSHServer.ps1

* Merge branch 'main' into patch-2

* Update Invoke-WinUtilSSHServer.ps1

* typo
This commit is contained in:
Gabi
2026-03-27 16:26:36 +03:00
committed by GitHub
parent f4703284ef
commit 24c6706ab2
1 changed files with 27 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
functions/private/Invoke-WinUtilSSHServer.ps1
View File

@@ -4,63 +4,29 @@ function Invoke-WinUtilSSHServer {
Enables OpenSSH server to remote into your windows device Enables OpenSSH server to remote into your windows device
#> #>
# Get the latest version of OpenSSH Server
$FeatureName = Get-WindowsCapability -Online | Where-Object { $_.Name -like "OpenSSH.Server*" }
# Install the OpenSSH Server feature if not already installed # Install the OpenSSH Server feature if not already installed
if ($FeatureName.State -ne "Installed") { if ((Get-WindowsCapability -Name OpenSSH.Server -Online).State -ne "Installed") {
Write-Host "Enabling OpenSSH Server..." Write-Host "Enabling OpenSSH Server... This will take a long time"
Add-WindowsCapability -Online -Name $FeatureName.Name Add-WindowsCapability -Name OpenSSH.Server -Online
} }
# Sets up the OpenSSH Server service Write-Host "Starting the services"
Write-Host "Starting the services..."
Start-Service -Name sshd
Set-Service -Name sshd -StartupType Automatic Set-Service -Name sshd -StartupType Automatic
Start-Service -Name sshd
# Sets up the ssh-agent service Set-Service -Name ssh-agent -StartupType Automatic
Start-Service 'ssh-agent' Start-Service -Name ssh-agent
Set-Service -Name 'ssh-agent' -StartupType 'Automatic'
# Confirm the required services are running
$SSHDaemonService = Get-Service -Name sshd
$SSHAgentService = Get-Service -Name 'ssh-agent'
if ($SSHDaemonService.Status -eq 'Running') {
Write-Host "OpenSSH Server is running."
} else {
try {
Write-Host "OpenSSH Server is not running. Attempting to restart..."
Restart-Service -Name sshd -Force
Write-Host "OpenSSH Server has been restarted successfully."
} catch {
Write-Host "Failed to restart OpenSSH Server: $_"
}
}
if ($SSHAgentService.Status -eq 'Running') {
Write-Host "ssh-agent is running."
} else {
try {
Write-Host "ssh-agent is not running. Attempting to restart..."
Restart-Service -Name sshd -Force
Write-Host "ssh-agent has been restarted successfully."
} catch {
Write-Host "Failed to restart ssh-agent : $_"
}
}
#Adding Firewall rule for port 22 #Adding Firewall rule for port 22
Write-Host "Setting up firewall rules..." Write-Host "Setting up firewall rules"
$firewallRule = (Get-NetFirewallRule -Name 'sshd').Enabled if (-not ((Get-NetFirewallRule -Name 'sshd').Enabled)) {
if ($firewallRule) {
Write-Host "Firewall rule for OpenSSH Server (sshd) already exists."
} else {
New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22 New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
Write-Host "Firewall rule for OpenSSH Server created and enabled." Write-Host "Firewall rule for OpenSSH Server created and enabled."
} }
# Check for the authorized_keys file # Check for the authorized_keys file
$sshFolderPath = "$env:HOMEDRIVE\$env:HOMEPATH\.ssh" $sshFolderPath = "$Home\.ssh"
$authorizedKeysPath = "$sshFolderPath\authorized_keys" $authorizedKeysPath = "$sshFolderPath\authorized_keys"
if (-not (Test-Path -Path $sshFolderPath)) { if (-not (Test-Path -Path $sshFolderPath)) {
@@ -72,10 +38,23 @@ function Invoke-WinUtilSSHServer {
Write-Host "Creating authorized_keys file..." Write-Host "Creating authorized_keys file..."
New-Item -Path $authorizedKeysPath -ItemType File -Force New-Item -Path $authorizedKeysPath -ItemType File -Force
Write-Host "authorized_keys file created at $authorizedKeysPath." Write-Host "authorized_keys file created at $authorizedKeysPath."
} else {
Write-Host "authorized_keys file already exists at $authorizedKeysPath."
} }
Write-Host "Configuring sshd_config for standard authorized_keys behavior..."
$sshdConfigPath = "C:\ProgramData\ssh\sshd_config"
$configContent = Get-Content -Path $sshdConfigPath -Raw
$updatedContent = $configContent -replace '(?m)^(Match Group administrators)$', '# $1'
$updatedContent = $updatedContent -replace '(?m)^(\s+AuthorizedKeysFile __PROGRAMDATA__/ssh/administrators_authorized_keys)$', '# $1'
if ($updatedContent -ne $configContent) {
Set-Content -Path $sshdConfigPath -Value $updatedContent -Force
Write-Host "Commented out administrator-specific SSH key configuration in sshd_config"
Restart-Service -Name sshd -Force
}
Write-Host "OpenSSH server was successfully enabled." Write-Host "OpenSSH server was successfully enabled."
Write-Host "The config file can be located at C:\ProgramData\ssh\sshd_config " Write-Host "The config file can be located at C:\ProgramData\ssh\sshd_config"
Write-Host "Add your public keys to this file -> $authorizedKeysPath" Write-Host "Add your public keys to this file -> $authorizedKeysPath"
} }