Last active
December 9, 2021 18:01
-
-
Save ZviBaratz/05489f2af5d5c6310563dbfaacbd920f to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ########################################################################## | |
| # Automated OpenSSH Server configuration for Windows through the Windows # | |
| # Subsystem for Linux (WSL). # | |
| ########################################################################## | |
| # | |
| # Before this script can be run successfully, please make sure WSL is | |
| # installed and enabled by running the following command in the PowerShell: | |
| # | |
| # wsl --install | |
| # | |
| # If you get the wsl command's manual page, wither wsl is already installed | |
| # on your system, or you need to run: | |
| # | |
| # wsl.exe --install -d Ubuntu | |
| # (See https://github.com/MicrosoftDocs/WSL/issues/1054#issuecomment-756981917) | |
| # | |
| # After installation, you must reboot your computer: | |
| # shutdown -r | |
| # | |
| # Wait for Ubuntu to finish its setup process. Once completed, this script should install | |
| # and configure OpenSSH Server using a new user (by default wslssh) and | |
| # the provided password. | |
| $wslUsername = "wslssh" | |
| $wslPassword = "wslsshPass" | |
| $createUserCommand = "sudo useradd $wslUsername" | |
| $changePasswordCommand = "echo `"${wslUsername}:${wslPassword}`" | chpasswd" | |
| # Create new user in WSL. | |
| wsl /bin/bash -c "$createUserCommand || $changePasswordCommand" | |
| # Install OpenSSH Server within WSL. | |
| $removeSSH = "sudo apt remove -y openssh-server" | |
| $installSSH = "sudo apt install -y openssh-server" | |
| # Edit the OpenSSH Server service configuration to allow remote access for | |
| # the current user using password authentication. | |
| $sshdConfigPath = "/etc/ssh/sshd_config" | |
| $sedPatten = "s/PasswordAuthentication no/PasswordAuthentication yes/g" | |
| $enablePasswordAuth = "sudo sed -i -e '${sedPatten}' ${sshdConfigPath}" | |
| $allowUser = "echo 'AllowUsers ${wslUsername}' | ` | |
| sudo tee -a /etc/ssh/sshd_config" | |
| $restartSSH = "sudo service ssh --full-restart" | |
| # Allow the SSH service to be started using an external trigger from Windows. | |
| $startSSHTask = "echo '%sudo ALL=NOPASSWD: /usr/sbin/sshd' | ` | |
| sudo tee /etc/sudoers.d/ssh" | |
| # Execute WSL SSH setup. | |
| wsl -u root /bin/bash -c ` | |
| "$removeSSH && ` | |
| $installSSH && ` | |
| $enablePasswordAuth && ` | |
| $allowUser && ` | |
| $restartSSH && ` | |
| $startSSHTask" | |
| # Create a new task on Windows to start the SSH service on system startup. | |
| $taskName = "Start SSH Server" | |
| $taskDescription = "Starts the OpenBSD Secure Shell server service on WSL." | |
| $taskExecutable = "%windir%\System32\bash.exe" | |
| $taskArgument = '-c "sudo /etc/init.d/ssh start"' | |
| $taskAction = New-ScheduledTaskAction ` | |
| -Execute $taskExecutable ` | |
| -Argument $taskArgument | |
| $taskTrigger = New-ScheduledTaskTrigger -AtStartup | |
| Register-ScheduledTask ` | |
| -TaskName $taskName ` | |
| -Action $taskAction ` | |
| -Trigger $taskTrigger ` | |
| -Description $taskDescription | |
| # Create a new firewall rule to allow inbound TCP traffic on local port 22. | |
| New-NetFirewallRule ` | |
| -DisplayName "SSH Server" ` | |
| -Direction Inbound ` | |
| -LocalPort 22 ` | |
| -Protocol TCP ` | |
| -Profile Domain,Private ` | |
| -Action Allow |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment