I have managed to do what I want using this awful two lines code:
cd "C:\Program Files\OpenVPN\bin"
start openvpn.exe --config Netherlands1-UDP.ovpn --auth-user-pass info
I would like to do it in one line. It seems easy but it doesn't work. Maybe it's because of the space in "Program Files".
To run a command all in one line, it would be something like:
cd "C:\Program Files\OpenVPN\bin" && start openvpn.exe --config Netherlands1-UDP.ovpn --auth-user-pass info
Make sure the OpenVPNServiceInteractive is running, because from its description :
It allows OpenVPN GUI and other clients to establish OpenVPN connections without administrative privileges in a secure way.
Related
How do you setup VcXSrv.exe on Windows 10 to work with WSL2 without disabling access control? Every description on the internet shows to disable the access control, but this allows any program on the local network to log your keystrokes and mouse movements among other things.
Rather than disabling access control on VcXSrv, you should use the .Xauthority file to share keys between your X11 clients and the VcXSrv X11 server. The .Xauthority contains a collection of authorization keys indexed by the DISPLAY . You'll need to setup this file with a key for your particular Windows host and share that file between the VcXSrv and your X11 clients running on your WSL2 distro. To setup this, follow these steps:
Run your WSL2 distro (Assuming this is a debian based one) and install xauth, md5sum and gawk or awk. We'll also install some X11 client to test our setup. In this case, we'll install gnome-terminal but you can install something else if you want. On an Ubuntu distro, you can do:
sudo apt install -y xauth coreutils gawk gnome-terminal
xauth list # this should be an empty list
magiccookie=$(echo '{some-pass-phrase}'|tr -d '\n\r'|md5sum|gawk '{print $1}')
xauth add host.docker.internal:0 . $magiccookie
cp ~/.Xauthority /mnt/c/Users/{WindowsUserName}
Add the following to either your ~/.bashrc in your WSL2 distro home dir
export DISPLAY=host.docker.internal:0
We need to create either an XLaunch configuration file (i.e. config.xlaunch ) or
a shortcut to VcXSrv.exe with the desired command line args. XLaunch is a simple launcher
that assists in setting up the arguments and in turn calls vcxsrv.exe. We'll ignore using XLaunch and
just create our own shortcut with the appropriate arguments.
We want to run VcXSrv.exe with these args:
vcxsrv.exe -multiwindow -clipboard -wgl -auth {.XAuthority file} -logfile {A Log file} -logverbose {int log level}
From above, we copied the .Xauthority file to /mnt/c/Users/{WindowsUserName}/.Xauthority which means our desired command line is:
vcxsrv.exe -multiwindow -clipboard -wgl -auth "c:\users\{WindowsUserName}\.Xauthority" -logfile "c:\users\{WindowsUserName}\VcXSrv.log" -logverbose 5
Feel free to omit the logfile and logverbose options if you're not debugging any issues. So you can just do:
vcxsrv.exe -multiwindow -clipboard -wgl -auth "c:\users\{WindowsUserName}\.Xauthority"
Remember to replace {WindowsUserName} with the name of your folder under c:\Users.
To create the shortcut, navigate to where VcXSrv.exe is installed. The default location of this is
C:\Program Files\VcXSrv\VcXSrv.exe
In the explorer file window, right click on the VcXSrv.exe and click "Create Shortcut" . This will create a shortcut
on your desktop.
Right click over the created shortcut icon, and select properties.
In the Shortcut tab, append the arguments above after the executable . It should look something like:
"C:\Program Files\VcXSrv\VcXSrv.exe" -multiwindow -clipboard -wgl -auth "c:\users\{WindowsUserName}\.Xauthority"
In the General tab of the Properties dialog, change the name to be "VcXSrv with XAuthority".
Click ok.
Now you can start the X11 server by double clicking on the shortcut.
If you wish to have the X11 server started at startup, follow the instructions here:
https://support.microsoft.com/en-us/windows/add-an-app-to-run-automatically-at-startup-in-windows-10-150da165-dcd9-7230-517b-cf3c295d89dd
Now back in the WSL distro terminal, you should be able to run
the gnome-terminal or other X11 client and have it display securely
on the VcXSrv X11 server running on the Windows host.
export DISPLAY=host.docker.internal:0
gnome-terminal
This should result in the gnome-terminal being displayed on your X11 Server. Further, the xauthority file will be used to allow only authorized clients to connect to your X11 server.
First a screenshot that shows OpenSSH installed on Windows 10...
Above, I use the command ssh -V in the command prompt to make sure OpenSSH is installed.
Now.. It appears that throwing the following one liner into a .bat file to login to a linux server via ssh doesn't do anything.
ssh -p 22 root#10.10.1.100
When I type the same one liner into a windows 10 command prompt since Windows 10 now has OpenSSH built in, it logs me in just fine.
What I am missing?
Firstly, do not name your batch file ssh.bat or ssh.cmd and it will probably be best if you use the full path to the executable:
#echo off
"C:\Windows\System32\OpenSSH\ssh.exe" -p 22 root#10.10.1.100
pause
but it is probably better to use the %windir% environment variable:
#echo off
"%windir%\System32\OpenSSH\ssh.exe" -p 22 root#10.10.1.100
pause
Having read this question and my answer there, I would like to do a similar thing on Windows.
My Linux solution is this:
#!/bin/bash
[[ $1 =~ password: ]] && cat || SSH_ASKPASS="$0" DISPLAY=nothing:0 exec setsid "$#"
How can I do a similar thing on Windows, something I can use like this from a Windows Command Prompt or batch file:
C:> echo password | pass ssh user#host ...
Points to note:
ssh here was installed using the free edition of crwsync. It uses Cygwin DLLs but does not require a Cygwin install.
the solution should not require further dependencies: it work from a typical Windows Command Prompt or batch file.
I'm looking for an answer to the above, even if the answer is "it can't be done". I know I can use keys (and their relative merits), or other tools such as Python/Paramiko, PuTTY plink, and so-on. I know I can do it in a Cygwin environment. I don't want to do those things... I need to do it from a plain old Windows command prompt or batch file without incurring additional dependencies because, if this is possible, it will reduce existing dependencies.
Here is what I have so far:
#echo off
echo.%1 | findstr /C:"password">nul
if errorlevel 1 (
set SSH_ASKPASS="%0"
set DISPLAY="nothing:0"
%*
) else (
findstr "^"
)
The idea is to save that as, say pass.bat and use it like this:
C:> echo password | pass.bat ssh user#host ...
What happens is that the SSH session is launched but ssh still interactively prompts for the password. I think that, in theory, the script is ok becuse the below works:
C:> echo mypassword | pass.bat pass.bat "password"
mypassword
As far as I understand, the underlying Cygwin DLLs should see the Windows environment so the setting of SSH_ASKPASS should propagate into ssh.
I think the problem is that ssh is connected to the terminal. According to man ssh, If ssh needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal. This is why I use setsid in the Linux example. I think a way to detach the process from the terminal in Windows is required but I am not sure there is one (I did try start /B).
So I'm stuck - I don't know enough about scripting windows to know what should work. Any solution that uses native windows techniques (i.e. batch or perhaps powershell) and does not require anything not available on a vanilla Windows would be welcome.
The solution will be used by a cross platform application that I am working on that needs to use SSH to interact with an external service. The current prototype version is Python and is aready wired up to launch ssh as a subprocess. The Linux version already uses the above method so I would like a Windows solution that does not require reworking of the application.
SSH will never read password from stdin. I would give a shot sshpass utility, which is quite standard for this task. The other common solution is using expect script (which should work the same way on the Cygwin as on Linux).
Im trying to execute script on remote machine (script resides REMOTELY, and NOT in agent folder or whatever) through Command Line Runner:
#echo off
%env.ALLUSERSPROFILE%\JetBrains\TeamCity\plugins\.tools\psexec.exe \\12.34.56.78 -h -u admin -p 12345 T:\Folder\Script\update.cmd T:\Folder\Server
But I always get:
The system cannot find the path specified.
Process exited with code 1
And NOTHING else. TeamCity and psexec just scrambling output and not giving it out on what actually not found, what is the problem or whatever. It just freaks me out to even use psexec to run something.
What am I doing wrong? What else do I need to specify to JUST run it remotely (Im not asking about giving me output of script, because as I searched I understand what such simple functionality is not supported by psexec at all)?
Situation: Running the bat file on windows machine:
1. When I double click the bat file: Bat running is failed.
2. When I right click on bat file and run as administrator: Bat run is successful.
Now I have to run this bat file successfully from remote machine.
What I did:
1. Installed freeSSDd on remote machine and configured administrator user on freeSSHd to access shell and SFTP.
2. Now I am able to login to the remote machine using putty.
Problem:
I am not able to run the bat file successfully. How can I achieve this?
I also used runas /savecred /user:administrator C:/install.bat, but It didn't helped.
There is a way to get this working without any 3rd party software.
You have to create a task on the remote machine using the windows task scheduler which simply executes the desired command. There is an option where you can tell the scheruler to run a bat with a specific account. Enter an admin account and the password and check the "run with highest privileges" box. Leave "Triggers" empty, go to "Settings" and check the "Allow task to be run on demand" box. That's it!
Now when you want to run your file from a different location do
SCHTASKS /RUN /S <RemoteServerName> /U username /P password /TN "<task name>"
If you don't want to enter username and password each time you can adept the user policy (e.g. add the calling machine to the trusted list of the server).
If you have installed an ssh daemon, then you can run your BAT in a remote shell, but you remote shell may open up in something other than CMD.COM. I use cygwin to set up sshd and then from a remote machine, if I ssh in to run a command, it is using cygwin's bash. I can run a BAT file, but need to call CMD first:
ssh WINDOWS_SERVER "cmd /C D:\PATH_TO_BAT\BATCHFILE.BAT"
But there are some pieces missing here. I looked briefly at the Freesshd page and saw only graphical interfaces. Does freesshd support remote command execution, or just secure fire transfer? And what sort of shell get executed on the windows server when you run it?
cygwin is an entire Linux subsystem that runs under Windows and includes an sshd server, but might be a bit much for someone starting out: https://cygwin.com/
\n makes a powershell remote server that listens on port 22 (ssh) and dumps you into a powershell prompt, you can then use my steps above to call CMD from powershell, versus a bash shell.
http://www.powershellserver.com/