@jsturtevant
Last active February 28, 2021 22:03
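# modified from https://github.com/Azure/aks-engine/blob/master/parts/k8s/windowsinstallopensshfunc.ps1
#
# Installs the OpenSSH Server capability when no sshd service is present, then starts sshd.
# The keys passed in -SSHKeys are written further down to administrators_authorized_keys,
# so every key supplied here grants administrator-level SSH logon on this machine.
Param(
    # Public keys to authorize, one authorized_keys line per array element.
    [Parameter(Mandatory = $true)][string[]]
    $SSHKeys
)

# Directory and file name of the key file used for administrator accounts
# (this is where the default Windows sshd_config points for the administrators group).
$adminpath = "c:\ProgramData\ssh"
$adminfile = "administrators_authorized_keys"

$sshdService = Get-Service | ? Name -like 'sshd'
if ($sshdService.Count -eq 0)
{
    Write-output "Installing OpenSSH"
    # Look for the server capability specifically: 'OpenSSH*' also matches OpenSSH.Client,
    # which would let this check pass on an image that cannot provide the server.
    $isAvailable = Get-WindowsCapability -Online | ? Name -like 'OpenSSH.Server*'
    if (!$isAvailable) {
        throw "OpenSSH is not available on this machine"
    }
    Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
}
else
{
    Write-output "OpenSSH Server service detected - skipping online install..."
}

# sshd must be running before the key file is populated and the service is restarted below.
Start-Service sshd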
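# Populate administrators_authorized_keys.
# Anyone who can write this file can add a key and log on as an administrator, so the ACL
# is restricted to SYSTEM and Administrators before any key is written, and every icacls
# call is checked instead of being allowed to fail silently.
$keyFile = Join-Path $adminpath $adminfile

# Test for the file itself: the directory normally exists already after the OpenSSH
# install, so testing only the directory would never report a missing key file.
if (!(Test-Path -LiteralPath $keyFile)) {
    Write-output "Created new file and text content added"
    # -Force also creates $adminpath if it is missing; the file is known not to exist here,
    # so nothing is overwritten.
    New-Item -Path $keyFile -ItemType File -Force
}
Write-output "$adminpath found."

Write-output "Setting required permissions..."
# Well-known SIDs are used instead of account names so the calls also work on localized
# Windows: S-1-5-11 = Authenticated Users, S-1-5-18 = SYSTEM, S-1-5-32-544 = Administrators.
$aclSteps = @('/inheritance:r'),
            @('/remove', '*S-1-5-11'),
            @('/grant', '*S-1-5-18:(F)'),
            @('/grant', '*S-1-5-32-544:(F)')
foreach ($step in $aclSteps) {
    icacls $keyFile $step
    if ($LASTEXITCODE -ne 0) {
        throw "icacls $($step -join ' ') failed on $keyFile (exit code $LASTEXITCODE)"
    }
}

Write-output "Adding keys to: $adminpath\$adminfile ..."
# Skip keys that are already present so re-running the script does not pile up duplicates.
# Case-sensitive comparison: the base64 key material is case-sensitive.
$existingKeys = @(Get-Content -LiteralPath $keyFile)
$SSHKeys | foreach-object {
    $key = "$_".Trim()
    if ($key -and ($existingKeys -cnotcontains $key)) {
        Add-Content -LiteralPath $keyFile -Value $key
        $existingKeys += $key
    }
}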
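# Restart sshd so it picks up the key file, make it start at boot, and confirm a firewall
# rule for SSH exists.
Write-output "Restarting sshd service..."
Restart-Service sshd
# OPTIONAL but recommended:
Set-Service -Name sshd -StartupType 'Automatic'
# Confirm the Firewall rule is configured. It should be created automatically by setup.
# -ErrorAction SilentlyContinue: when no rule matches, the throw below reports it with a
# clear message instead of a raw lookup error.
# NOTE(review): this only shows that a rule named *ssh* exists; it does not check that the
# rule is enabled or which remote addresses it admits. Where the node should only be
# reachable from a management network, scope the rule's remote addresses accordingly.
$firewall = Get-NetFirewallRule -Name *ssh* -ErrorAction SilentlyContinue
if (!$firewall) {
    throw "OpenSSH firewall rule is not configured properly"
}
Write-output "OpenSSH installed and configured successfully"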
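#using wireshark
# Both installers are downloaded and then run elevated, so each one must carry a valid
# Authenticode signature before it is started. The signer subject is printed for review.
function Assert-ValidSignature {
    param([Parameter(Mandatory = $true)][string] $Path)
    $signature = Get-AuthenticodeSignature -FilePath $Path
    if ($signature.Status -ne 'Valid') {
        throw "$Path does not have a valid Authenticode signature (status: $($signature.Status))"
    }
    Write-Output "$Path signed by: $($signature.SignerCertificate.Subject)"
}

# -f makes curl fail on an HTTP error instead of saving the error page under the .exe name.
curl.exe -fLO https://nmap.org/npcap/dist/npcap-1.00.exe
if ($LASTEXITCODE -ne 0) { throw "download of npcap-1.00.exe failed (curl exit code $LASTEXITCODE)" }
Assert-ValidSignature .\npcap-1.00.exe
# must install via ui
# -Wait: do not continue until the installer has been completed.
Start-Process -FilePath .\npcap-1.00.exe -Wait

curl.exe -fLO https://1.na.dl.wireshark.org/win64/Wireshark-win64-3.4.3.exe
if ($LASTEXITCODE -ne 0) { throw "download of Wireshark-win64-3.4.3.exe failed (curl exit code $LASTEXITCODE)" }
Assert-ValidSignature .\Wireshark-win64-3.4.3.exe
Start-Process -FilePath .\Wireshark-win64-3.4.3.exe -ArgumentList '/S', '/EXTRACOMPONENTS=sshdump,udpdump' -Wait

# Append to the existing machine PATH. "$PATH" is not a defined PowerShell variable, so
# building the new value from it would replace the whole machine PATH with just the
# Wireshark directory.
$wiresharkDir = "$ENV:ProgramFiles\Wireshark"
$machinePath = [Environment]::GetEnvironmentVariable("PATH", "Machine")
if (($machinePath -split ';') -notcontains $wiresharkDir) {
    [Environment]::SetEnvironmentVariable("PATH", "$machinePath;$wiresharkDir", "Machine")
}
# The machine-level change only reaches new processes; update this session as well.
$ENV:PATH = "$ENV:PATH;$wiresharkDir"

# With no arguments tshark starts a live capture on its first interface; stop it with Ctrl+C.
tshark
# see interfaces
tshark -D
# captures on the interface named "Ethernet 2" for any packets to or from the given host
# The capture file holds full packet contents, so treat it as sensitive and remove it from
# the node once it has been copied off.
tshark -w c:\dump2.pcap -i "Ethernet 2" host 10.1.0.7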
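#using built in capture
# NOTE(review): this script is fetched from the mutable master branch and executed as-is.
# Read it before running it, and prefer a URL pinned to a commit that has been reviewed.
# -f makes curl fail on an HTTP error, so an error page is never saved and run as the .cmd.
curl.exe -fLO https://raw.githubusercontent.com/microsoft/SDN/master/Kubernetes/windows/debug/startpacketcapture.cmd
if ($LASTEXITCODE -ne 0) { throw "download of startpacketcapture.cmd failed (curl exit code $LASTEXITCODE)" }
cmd /c startpacketcapture.cmd
# Stop the trace once the traffic of interest has been captured.
netsh trace stop

curl.exe -fLO https://github.com/microsoft/etl2pcapng/releases/download/v1.4.0/etl2pcapng.zip
if ($LASTEXITCODE -ne 0) { throw "download of etl2pcapng.zip failed (curl exit code $LASTEXITCODE)" }
# Print the archive hash so it can be compared with a value obtained from a trusted source
# before the extracted binary is run.
Get-FileHash -Algorithm SHA256 etl2pcapng.zip
Expand-Archive etl2pcapng.zip -destination etl2pcapng
# Converts the trace to pcap (c:\server.etl is presumably the file written by the capture
# script; confirm against its contents).
etl2pcapng\etl2pcapng.exe c:\server.etl c:\server.pcap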