I have a Vagrant/Puppet VM that needs to execute SSH at a certain point and needs to forward the GIT_* variables, so that the server could Authenticate the automatic scripts without failing.
On Linux/Mac that's straightforward. But how to do it on Windows? (I have 8, but I guess is more or less the same for all >XP)
I searched over the net but all the solutions seem to rely on PuTTY, while I don't want to follow that approach (I'm looking for a solution that doesn't rely on PuTTY or Cygwin)
How to forward environment variables through SSH over Windows?
I cannot even find a way to set a custom config file where to put the directives.
Related
Our team has ~80 Windows development machines, and activities of each developer are logged as text files on the local storage of those machines.
To analyze the logged activities, I want to gather all log files from those machines. Additionally, the log files are updated constantly, so It is desirable to gather files with the command-line from my machine.
I’ve searched and found some solutions, but all of those are not suitable for our situation:
We cannot use PsExec, because tcp/135 and tcp/445 are both closed (countermeasure for WannaCry).
Administrative share is disabled.
telnet service is not up and is banned by security reasons.
WinRM is disabled on those machines by default.
It is difficult to install new software like OpenSSH on those machines (because of the rule of this project)
RDP is the only way to connect those machines. (I have an account on all machines)
How can I copy files from remote Windows machines with command-line through RDP?
Or, at least, is there any way to execute a command on remote Windows machines with command-line through RDP?
I think you can do this, though it is very hacky :)
For a basic setup, which just copies files once, what you would need to do is
Run a script in the remote session when it logs in. I can think of three ways to do this:
Use the "Alternate Shell" RDP file property. This runs a specified program in place of explorer.exe on login; you can use it to run "cmd.exe /c [your script]" for instance.
If that doesn't work (e.g. the remote machine doesn't respect it), you might be able to use a scheduled task that runs the script on login, but perhaps only for a specified user, or maybe the script could check the WinStation type to make sure this is actually an RDP connection before doing anything.
It's also possible to do this by connecting in RemoteApp mode and using the script as your "application", but that only works for Server and Enterprise editions of Windows.
Enable either drive redirection or clipboard redirection on the RDP connection, to give you a way to get data out.
Drive redirection is much simpler to script; you just have the remote script copy files to e.g. "\\tsclient\C\logs".
Clipboard redirection is theoretically possible - you have the remote script copy, then a local script paste - but would probably be a pain to get working in practice. I'm only mentioning it in case drive redirection isn't available for some reason.
You would probably want to script to then log the session off afterward.
You could then launch that from command-line by running "mstsc.exe [your RDP file]". The RDP files could be programmatically generated if needed (given you're working with 80 machines).
If you want a persistent connection you can execute commands over, that's more complicated, but still technically possible. Two ways I can think of:
Use the previous method to run a program on logon, but this time create a custom application that receives commands using a transport that isn't blocked and executes them in the session. I've done this with WCF over HTTP, for instance; it's not secure, of course.
Develop and install a service on the remote machine that opens an RDP virtual channel, and a corresponding RDP client plugin that communicates with it. You can then do whatever you want across the connection. While this solution would be the most likely to work, it's also the most heavyweight and time-consuming to implement so it's probably a last resort.
I'm currently developing apps for the inPulse watch (if you're a geek, check out www.GetInPulse.com) and am compiling for the watch while on a Mac. But deploying the app to the device takes several minutes. They do however offer a simulator, but that only runs under Linux so I installed Ubuntu in a VM, which works great.
What I'm hoping is to stay completely on the Mac side, except be able to execute a build step or shell script that can 'call into' the VM and launch a shell script there which kicks up the simulator. That way I can just add 'sim' as a step in my makefile back on the 'mac' side.
Currently, I'm mousing back and forth too damn much and I have terminals open all over the place in both the host and the guest OSes. Just trying to clean that up and cross-machine scripting seems like it would work in theory. Just don't know if the boundaries of cross-machines are even a valid thing.
The host OS doesn't know what a “shell” is inside the guest. A shell is an OS-dependent concept, and while the host OS technically knows everything that's going on in the guest, its only contact is by observing the guest memory and the instructions it runs, altogether the wrong level of abstraction here.
The most natural way to run shell commands from one OS to another is to use a remote shell facility over a network link; in practice, that means SSH. You need a network link between the two machines, and once you have that, it doesn't matter that one is a VM running inside the other. There probably is a network link already between the two machines; in case there isn't, make sure you activate a bridged network or a host-only network or whatever your VM technology offers.
Install an SSH client on the host (there's probably one already) and an SSH server on the guest (openssh-server Install openssh-server http://bit.ly/software-small). Then set up public-key authentication between the two machines so you don't need to type a password all the time.
You'll get shell access on the guest. If you need to manipulate GUI applications, you'll need to work a little more than that. ssh DISPLAY variable may help, or perhaps How can I run Firefox on Linux headlessly (i.e. without requiring libgtk-x11-2.0.so.0)?.
is it possible to execute a command (ex: launching a .bat file located on the remote machine) on a Windows Remote Machine, using a UNIX or Linux Machine ?
Is there something like a scp/ssh mechanism or at least a way to connect to a Windows Machine passing through the network ?
Thanks for your help.
By default, recent Windows versions only support the Remote Desktop protocol. As far as I know, client versions only allow a single user, while server versions with installed Terminal Services allow for multiple simultaneous users.
Windows Server versions also support the Telnet protocol, but the server is disabled by default - it may not even be installed. Therefore you will have to enable it manually. Do you really want to use Telnet of all things, though? Just the security concerns are enough to make it mostly useless.
There is also a version of OpenSSH for Windows, that uses the Cygwin DLL. I have not tried it, but using an SSH implementation from the Unix world does have its appeal (and probably a few disadvantages). See also this.
EDIT:
Recent Windows versions also support the Windows Remote Management system, which allows you to launch an interactive session throuh a bit of trickery.
You may want to try Vandyke VShell.
My interactive 32-bit Windows app (now moving from Delphi [Ent] 2007 to 2009) uses command-line interactions to spawn child processes that do computationally-intensive tasks, which in turn write text files that the GUI parent app parses and analyzes - resulting in an interactive graphical display of the results.
I have access to a multiprocessor (multi-user) Linux cluster (via ssh), and would like to off-load the heavy lifting to that cluster. My question is how to spawn the processes in Linux from my Windows app. I can envision using secure FTP to put and get files, but not sure how to spawn the child processes in Linux.
Some leads for further reading would be fine - but code/pseudocode would be ideal. I can imagine that this may be more about Windows-Linux interaction than Delphi.
if you have access to ssh, one option is to issue commands through that.
For example:
ssh user#host ls -l ~
will in the ssh terminal show the files in the user's home directory. I'm not sure if this is what you really want. But it would likely work.
If you do this, you almost certainly want to setup SSH password less logins
However, A more ideal solution would likely be to setup a daemon on the linux boxes whose sole job is to run specific long running tasks in the background and let you fetch the results later.
You're going to have to install something on the Linux machine to run the process. You might find some kind of clustering or batch job submission API you can install and access from Windows. You might have to code a custom server. You might be able to run everything over ssh if you can drive an ssh process from Windows and if you have sshd installed on the Linux side. But my preference would be to write a webservice or simple CGI script on the Linux side designed to take your arguments and data and return the result over plain old http (or https as the case might be).
One way or another, this is going to encompass more than just coding on the Windows side.
I would download the full "putty" package.
As well as the excellent secure shell terminal, it includes PSCP to transfer files securely and PLINK to remote execute commands over SSH.
Hint: you will need to set up the full public/private key configuration for PLINK to work without an annoying password prompt. There is a useful guide http://unixwiz.net/techtips/putty-openssh.html>here.
I am developing some Python programs that I'm running on a remote Ubuntu Linux server (hosted on Slicehost). I would like to work on the source in an IDE on my Windows Vista PC, and have all file modifications sent directly to the Linux box without my intervention (i.e. without having to manually SFTP the files each time I change them). What is the very easiest way I can do this?
WinSCP includes a basic remote file editor, though if you want to use a proper IDE for your development this won't be much help.
I'd suggest you run a version control system like subversion, which would allow you to write a post-commit hook to automatically rsync your code the server with each commit.
Use PuTTy and SFTPDrive.
PuTTy is an SSH client, and SFTPDrive ($39 USD) will allow you to mount your remote file system locally as a drive letter.
Install Samba and OpenVPN on the server, and OpenVPN on the client. Setup Samba to share the directory tree you're interested in, and access it over the VPN for security. Perhaps Vista has non-sucky WebDAV support by now, and you could use WebDAV over HTTPS, but it was always crap under XP.
Ben's suggestion of a local dev environment using a VM is also a winner.
You could install cygwin and then have rsync run on cron every minute.
Or you could use Netdrive to access the server via FTP like a local disk:
http://tech.xptechsupport.com/netdrive-turn-your-ftp-into-a-drive-letter.html
Or you may be able to achieve something similar using cygwin and FUSE - you can on linux, but never tried it on cygwin.
Also, would it not be easier to set up a full dev environment locally? Maybe using a virtual machine? It'll be much quicker for testing. And then you can set up a shell script to transfer the current version to the slicehost server.