One of the most well-known uses for decentralized cloud computing is to be able to use remote desktop applications with different operating systems. This article will go over how to set up PSRemoting on a Windows and Linux computer using terminal services from your account.
“winrm from linux” is a command-line tool that allows users to set up PSRemoting with Windows and Linux.
One of the amazing things about PowerShell’s evolution over the past several years is that it now supports a variety of non-Windows machine interactions. Support for PSRemoting through SSH was one of these additions. PSRemoting with Linux also implies PSRemoting via SSH!
While configuring PSRemoting to work with SSH and Linux requires some preparation, it enables you to connect with Linux computers natively using PowerShell.
In this article, you’ll learn how to use PSRemoting via SSH to connect a Windows client to a Linux machine (CentOS) and vice versa. You’ll learn how to use both a password and a certificate to authenticate.
The Ultimate Guide to PowerShell Remoting
Prerequisites
This is a walkthrough instruction. If you want to follow along, make sure you have the following things before you start:
- A computer running Windows 10 build 1809 or later. The remote server in this tutorial will be Windows Server 2019 Standard.
- PowerShell 7 is supported on a Linux computer. CentOS 8 will be used in this lesson.
- On the Linux computer, sudo permissions are required, while on the Windows machine, local administrator permissions are required. Some of the privileges may be withdrawn after the first setup.
Setting up PSRemoting through SSH on Windows (Client)
The PSRemoting client (PowerShell) must first be configured on your Windows client. You’ll need to install and setup both PowerShell 7+ and OpenSSH to do this.
PowerShell 7+ Installation
Install PowerShell 7+ first. This is not something that will be covered in this session. Check out the link below to find out how.
Getting OpenSSH to Work
You’ll also need to download and install OpenSSH. PSRemoting will connect to the remote Linux machine using the OpenSSH software. The Get-WindowsCapability cmdlet may be used to install OpenSSH through PowerShell, as demonstrated below.
What Windows features you should install depends on whether your Windows host is intended to be a client or a server. You simply need the OpenSSH client to connect from a Windows Server to a Linux system. You simply need the OpenSSH server to connect from Linux to the Windows Server.
The command below locates and installs all Windows features with a name that begins with OpenSSH, including both the client and the server.
Where-Object
One of the amazing things about PowerShell’s evolution over the past several years is that it now supports a variety of non-Windows machine interactions. Support for PSRemoting through SSH was one of these additions. PSRemoting with Linux also implies PSRemoting via SSH!
While configuring PSRemoting to work with SSH and Linux requires some preparation, it enables you to connect with Linux computers natively using PowerShell.
In this article, you’ll learn how to use PSRemoting via SSH to connect a Windows client to a Linux machine (CentOS) and vice versa. You’ll learn how to use both a password and a certificate to authenticate.
The Ultimate Guide to PowerShell Remoting
Prerequisites
This is a walkthrough instruction. If you want to follow along, make sure you have the following things before you start:
- A computer running Windows 10 build 1809 or later. The remote server in this tutorial will be Windows Server 2019 Standard.
- PowerShell 7 is supported on a Linux computer. CentOS 8 will be used in this lesson.
- On the Linux computer, sudo permissions are required, while on the Windows machine, local administrator permissions are required. Some of the privileges may be withdrawn after the first setup.
Setting up PSRemoting through SSH on Windows (Client)
The PSRemoting client (PowerShell) must first be configured on your Windows client. You’ll need to install and setup both PowerShell 7+ and OpenSSH to do this.
PowerShell 7+ Installation
Install PowerShell 7+ first. This is not something that will be covered in this session. Check out the link below to find out how.
Getting OpenSSH to Work
You’ll also need to download and install OpenSSH. PSRemoting will connect to the remote Linux machine using the OpenSSH software. The Get-WindowsCapability cmdlet may be used to install OpenSSH through PowerShell, as demonstrated below.
What Windows features you should install depends on whether your Windows host is intended to be a client or a server. You simply need the OpenSSH client to connect from a Windows Server to a Linux system. You simply need the OpenSSH server to connect from Linux to the Windows Server.
The command below locates and installs all Windows features with a name that begins with OpenSSH, including both the client and the server.
Get-WindowsCapability -Online | Where-Object {$_.Name -like ‘OpenSSH*’} | Add-WindowsCapability -Online
Change the filter in the Where-Object script block to OpenSSH.Client* if you only want to install the client, and OpenSSH.Server* if you only want to install the server.
Getting Started with SSH and PowerShell is a good place to start.
Getting the SSH Server Up and Running
When OpenSSH is installed, the Windows firewall on port 22 is opened, but the OpenSSH server service is not started to listen on the port. Run the following PowerShell command to start the OpenSSH server and configure the service to start automatically on bootup on Windows Server.
Set-Service sshd -StartupType Automatic Start-Service sshd
Setting up the OpenSSH Configuration
The sshd config daemon configuration file will be modified next. You must first activate Authentication using a password and then add the PowerShell subsystem to this file.
The simplest way employing passwords is set up in this section of the course. Later in this course, you’ll learn how to set up SSH authentication using certificates.
- Open the configuration file at C:ProgramDatasshsshd config in your preferred text editor.
2. Verify that Authentication using a password is enabled by either commenting out the PasswordAuthentication line with a # or setting it to yes.
Authentication using a password
3. Add the PowerShell subsystem to the system. Add the line Subsystem powershell c:/progra1/powershell/7/pwsh.exe -sshs -NoLogo to PowerShell 7.
- The -sshs option allows PowerShell 7 to operate as a subsystem inside SSH.
- The -NoLogo option causes PowerShell to conceal the copyright information when it starts, ensuring that no unexpected output occurs when the SSH connection is launched.
4. Close and save the configuration file.
5. Restart the Windows service for sshd. Restart-Service sshd is a PowerShell command that may be used to do this.
You should now have everything set up to connect to this Windows Server utilizing PSRemoting via SSH from both the client and the server.
Setting up PSRemoting through SSH on a Linux (Server)
The next step is to install PowerShell and configure OpenSSH on Linux.
Because we’re using CentOS, some of the instructions could be changed if you’re using another distribution.
PowerShell 7+ Installation
Install PowerShell 7 first. This is not something that will be covered in this session. Instead, have a look at the following website.
How to Get and Install PowerShell 7 on Windows, Mac OS X, and Linux
Setting up OpenSSH
You’ll need OpenSSH, much like Windows Server. OpenSSH, unlike Windows, is mostly certainly already installed. The client and server are already installed by default on the CentOS 8 workstation for this tutorial, but you may double-check using the command below:
If the client and server are both installed, the result should look somewhat like this.
Setting up OpenSSH
Set up the SSH configuration file as follows:
- Run sudo vi /etc/ssh/sshd config to open the sshd config file.
2. Adding the PowerShell subsystem by adding the following line to the configuration file, exactly like on Windows Server.
/usr/bin/pwsh -sshs -NoLogo /usr/bin/pwsh -sshs -NoLogo /usr/bin/pwsh -ss
3. Save the file after exiting vi.
4. Restarting the ssh daemon with sudo systemctl restart sshd to implement the modifications.
In most cases, including CentOS 8, Password and PublicKey authentication will be enabled by default. There’s no need to include them here.
Connecting to/from Windows/Linux with Authentication using a password
Once you’ve set up everything on both the Linux and Windows machines, it’s time to put that work you did to good use. Let’s now try to connect from Windows to Linux and vice versa using Authentication using a password.
Password-based authentication resembles SSH with a username and password in appearance and feel.
Commands for Connecting
Let’s utilize both a “ad-hoc” session with the Invoke-Command cmdlet and a permanent session with New-PSSession to try connecting using PSRemoting via SSH from Windows to Linux or Linux to Windows.
Related: The Best Way to Run Remote Code with Invoke-Command
Use Invoke-Command to test the PSRemoting connection:
- Start by launching the PowerShell 7 console.
2. Specifying arguments for the cmdlet Invoke-Command In this scenario, the settings below will connect to SRV1 using a local user account named User on SRV1.
@ $SessionParams SRV1 = HostName SSHTransport = $true UserName = user
3. Invoke-Command by splatting the arguments above and invoking a command (Get-Process in this example) within a scriptblock.
Related: What Is PowerShell Splatting and How Does It Work?
Get-Process Invoke-Command @SessionParams -ScriptBlock
On the SRV1 machine, you should now see a list of all active processes.
You may also create a persistent connection that enables you to connect to and from, as well as perform commands interactively, by:
- Providing and sending the following arguments to the New-PSSession cmdlet.
2. Using the Enter-PSSession cmdlet to connect to that session interactively.
Make a session that will last. @SessionParams $session = New-PSSession Enter-PSSession -Session $session to connect interactively
3. After executing the Enter-PSSession command, you will be required for the user’s password. Within PowerShell, you’d be linked to the other system after you’d authenticated.
It’s worth noting that none of the scripts above needed the typical Credential argument to connect using a login and password. We used the SSHTransport option instead. Because SSH does not employ the same authentication procedure that Windows uses to transfer files between computers, it is unable to understand PSCredential objects.
Using the Get-Credential cmdlet in PowerShell and all things credentials are related.
You may also use disconnected sessions using this method.
Creating a Public Key Authentication System
While password-based authentication is simple to set up and use, it has two drawbacks.
- Without someone manually performing the instructions in a secure manner, there is no way to authenticate.
- You’re transmitting a password across the internet.
While the password is encrypted inside the SSH connection, the password is sent to the server in plaintext. If the server is hacked in any manner, it might constitute a security risk.
Making Public and Private Keys
When employing any kind of public-key authentication, the client must first create a public key. Both Linux and Windows must meet this criteria.
On a Linux or Windows Server system, perform the following:
- To create the key pair, use ssh-keygen.
If you use ssh-keygen on Linux, you should be aware that it generates an RSA key pair by default. By default, many modern Linux operating systems will not support the usage of RSA key pairs for authentication. Use ssh-keygen -t ed25519 to fix this.
2. A path to store the private key and a passphrase to encrypt the private key will be requested. You may leave the pass field blank if you don’t want to submit a password during login.
3. Windows Only: Run the below commands from PowerShell where <ProfilePath> is the path to your profile (probably C:UsersUserName).
Set-Service ssh-agent -StartupType Automatic Start-Service ssh-agent ssh-add.sshid ed25519 Set-Service ssh-agent ssh-add.sshid ed25519 .sshid ed25519 Remove-Item
The ssh-agent service in Windows’ version of OpenSSH enables you to keep private keys in the Windows Security Context of the user you’re logged in as. This will allow you to import your SSH private key into the ssh-agent, then erase it from the file system to better protect it.
4. Now copy the public key generated (<user home directory>.sshid_ed25519.pub) to the server you are going to connect to. Windows does not provide a tool to do this copy so it can be completed with SCP. Run the below command to copy the public key to the Linux machine.
To copy from Linux to Windows, follow these steps:
5. Enter the logged-in user’s password. PowerShell/Bash will copy the key and disconnect you from the remote system after you’ve input it.
Using Public Key Authentication to connect to/from Windows/Linux
Connecting to and from Windows and Linux should be simple after you’ve set up the public and private keys. It works in a similar way as password-based authentication.
To connect with a public key on Windows, use the identical commands as shown in Commands for Connecting above. You’ll only notice one difference; you will not get prompted for credentials.
An example of connecting from Linux to Windows using the -v flag to examine what happens during the connection is shown below.
Using the -v option to connect from Linux to Windows is an example.
.Name -like ‘OpenSSH*’ | Get-WindowsCapability -Online | Add-WindowsCapability -Online
Change the filter in the Where-Object script block to OpenSSH.Client* if you only want to install the client, and OpenSSH.Server* if you only want to install the server.
Getting Started with SSH and PowerShell is a good place to start.
Getting the SSH Server Up and Running
When OpenSSH is installed, the Windows firewall on port 22 is opened, but the OpenSSH server service is not started to listen on the port. Run the following PowerShell command to start the OpenSSH server and configure the service to start automatically on bootup on Windows Server.
Set-Service sshd -StartupType Automatic Start-Service sshd
Setting up the OpenSSH Configuration
The sshd config daemon configuration file will be modified next. You must first activate Authentication using a password and then add the PowerShell subsystem to this file.
The simplest way employing passwords is set up in this section of the course. Later in this course, you’ll learn how to set up SSH authentication using certificates.
- Open the configuration file at C:ProgramDatasshsshd config in your preferred text editor.
2. Verify that Authentication using a password is enabled by either commenting out the PasswordAuthentication line with a # or setting it to yes.
Authentication using a password
3. Add the PowerShell subsystem to the system. Add the line Subsystem powershell c:/progra1/powershell/7/pwsh.exe -sshs -NoLogo to PowerShell 7.
- The -sshs option allows PowerShell 7 to operate as a subsystem inside SSH.
- The -NoLogo option causes PowerShell to conceal the copyright information when it starts, ensuring that no unexpected output occurs when the SSH connection is launched.
4. Close and save the configuration file.
5. Restart the Windows service for sshd. Restart-Service sshd is a PowerShell command that may be used to do this.
You should now have everything set up to connect to this Windows Server utilizing PSRemoting via SSH from both the client and the server.
Setting up PSRemoting through SSH on a Linux (Server)
The next step is to install PowerShell and configure OpenSSH on Linux.
Because we’re using CentOS, some of the instructions could be changed if you’re using another distribution.
PowerShell 7+ Installation
Install PowerShell 7 first. This is not something that will be covered in this session. Instead, have a look at the following website.
How to Get and Install PowerShell 7 on Windows, Mac OS X, and Linux
Setting up OpenSSH
You’ll need OpenSSH, much like Windows Server. OpenSSH, unlike Windows, is mostly certainly already installed. The client and server are already installed by default on the CentOS 8 workstation for this tutorial, but you may double-check using the command below:
If the client and server are both installed, the result should look somewhat like this.
Setting up OpenSSH
Set up the SSH configuration file as follows:
- Run sudo vi /etc/ssh/sshd config to open the sshd config file.
2. Adding the PowerShell subsystem by adding the following line to the configuration file, exactly like on Windows Server.
/usr/bin/pwsh -sshs -NoLogo /usr/bin/pwsh -sshs -NoLogo /usr/bin/pwsh -ss
3. Save the file after exiting vi.
4. Restarting the ssh daemon with sudo systemctl restart sshd to implement the modifications.
In most cases, including CentOS 8, Password and PublicKey authentication will be enabled by default. There’s no need to include them here.
Connecting to/from Windows/Linux with Authentication using a password
Once you’ve set up everything on both the Linux and Windows machines, it’s time to put that work you did to good use. Let’s now try to connect from Windows to Linux and vice versa using Authentication using a password.
Password-based authentication resembles SSH with a username and password in appearance and feel.
Commands for Connecting
Let’s utilize both a “ad-hoc” session with the Invoke-Command cmdlet and a permanent session with New-PSSession to try connecting using PSRemoting via SSH from Windows to Linux or Linux to Windows.
Related: The Best Way to Run Remote Code with Invoke-Command
Use Invoke-Command to test the PSRemoting connection:
- Start by launching the PowerShell 7 console.
2. Specifying arguments for the cmdlet Invoke-Command In this scenario, the settings below will connect to SRV1 using a local user account named User on SRV1.
@ $SessionParams SRV1 = HostName SSHTransport = $true UserName = user
3. Invoke-Command by splatting the arguments above and invoking a command (Get-Process in this example) within a scriptblock.
Related: What Is PowerShell Splatting and How Does It Work?
Get-Process Invoke-Command @SessionParams -ScriptBlock
On the SRV1 machine, you should now see a list of all active processes.
You may also create a persistent connection that enables you to connect to and from, as well as perform commands interactively, by:
- Providing and sending the following arguments to the New-PSSession cmdlet.
2. Using the Enter-PSSession cmdlet to connect to that session interactively.
Make a session that will last. @SessionParams $session = New-PSSession Enter-PSSession -Session $session to connect interactively
3. After executing the Enter-PSSession command, you will be required for the user’s password. Within PowerShell, you’d be linked to the other system after you’d authenticated.
It’s worth noting that none of the scripts above needed the typical Credential argument to connect using a login and password. We used the SSHTransport option instead. Because SSH does not employ the same authentication procedure that Windows uses to transfer files between computers, it is unable to understand PSCredential objects.
Using the Get-Credential cmdlet in PowerShell and all things credentials are related.
You may also use disconnected sessions using this method.
Creating a Public Key Authentication System
While password-based authentication is simple to set up and use, it has two drawbacks.
- Without someone manually performing the instructions in a secure manner, there is no way to authenticate.
- You’re transmitting a password across the internet.
While the password is encrypted inside the SSH connection, the password is sent to the server in plaintext. If the server is hacked in any manner, it might constitute a security risk.
Making Public and Private Keys
When employing any kind of public-key authentication, the client must first create a public key. Both Linux and Windows must meet this criteria.
On a Linux or Windows Server system, perform the following:
- To create the key pair, use ssh-keygen.
If you use ssh-keygen on Linux, you should be aware that it generates an RSA key pair by default. By default, many modern Linux operating systems will not support the usage of RSA key pairs for authentication. Use ssh-keygen -t ed25519 to fix this.
2. A path to store the private key and a passphrase to encrypt the private key will be requested. You may leave the pass field blank if you don’t want to submit a password during login.
3. Windows Only: Run the below commands from PowerShell where <ProfilePath> is the path to your profile (probably C:UsersUserName).
Set-Service ssh-agent -StartupType Automatic Start-Service ssh-agent ssh-add.sshid ed25519 Set-Service ssh-agent ssh-add.sshid ed25519 .sshid ed25519 Remove-Item
The ssh-agent service in Windows’ version of OpenSSH enables you to keep private keys in the Windows Security Context of the user you’re logged in as. This will allow you to import your SSH private key into the ssh-agent, then erase it from the file system to better protect it.
4. Now copy the public key generated (<user home directory>.sshid_ed25519.pub) to the server you are going to connect to. Windows does not provide a tool to do this copy so it can be completed with SCP. Run the below command to copy the public key to the Linux machine.
To copy from Linux to Windows, follow these steps:
5. Enter the logged-in user’s password. PowerShell/Bash will copy the key and disconnect you from the remote system after you’ve input it.
Using Public Key Authentication to connect to/from Windows/Linux
Connecting to and from Windows and Linux should be simple after you’ve set up the public and private keys. It works in a similar way as password-based authentication.
To connect with a public key on Windows, use the identical commands as shown in Commands for Connecting above. You’ll only notice one difference; you will not get prompted for credentials.
An example of connecting from Linux to Windows using the -v flag to examine what happens during the connection is shown below.
Using the -v option to connect from Linux to Windows is an example.
The “powershell remoting step by step” is a guide that will help you set up PSRemoting with Windows and Linux. The guide will walk you through the process of setting up the remote connection, connecting to remote machines, and finally logging in remotely.
Frequently Asked Questions
How do I enable PSRemoting on a remote computer?
A: PSRemoting is not enabled by default. You will need to enable it and check the box for Allow incoming connections from this computer in order to allow users on your remote PC access to your local machine
How do I connect to PowerShell in Linux?
A: In order to connect PowerShell to Linux, you need a terminal and an SSH key. If youre not sure how these things work or what they are, read more about them on Wikipedia.
How do I connect Linux to Windows using WinRM?
A: WinRM is a Windows Remote Management protocol that allows Linux servers to be managed remotely on the client. The process of connecting a Linux server to Windows using this service requires three steps:
1) Configure your system with two or more public IP addresses and make sure it has an SSH daemon installed; 2) Set up WinRm to listen for connections from specific ports over those IPs, which will allow you access; 3) Connect via SSH by navigating to one of the specified ports on each machine
Related Tags
- new-pssession
- how to copy files from windows to linux using powershell remoting
- psremoting from linux to windows
- test winrm connection from linux
- powershell ssh command with password