I'm running into a weird issue here.
I have a Windows server setup to allow SSH access via Cygwin.
The idea behind this is to allow me to remotely execute Powershell commands from one of my Linux boxes. Now, in the hopes of being secure while still allowing for automation, I did your typical ssh-copy-id to my designated account on that box. I then tried logging in via SSH keys... success! Now here's the weird part. I run my Powershell command:
powershell 'C:/cygwin64/scripts/add_email_address_to_distribution_list.ps1'
And get the following error message:
$ powershell
'C:/cygwin64/scripts/add_email_address_to_distribution_list.ps1'
Add-DistributionGroupMember : Value cannot be null. Parameter name:
serverSettings At
C:\cygwin64\scripts\add_email_address_to_distribution_list.ps1:2
char:28
+ Add-DistributionGroupMember <<<< -Identity some_distribution_list -Member user# domain.com
+ CategoryInfo : NotSpecified: (:) [Add-DistributionGroupMember],
ArgumentNullException
+ FullyQualifiedErrorId : System.ArgumentNullException,Microsoft.Exchange.
Management.RecipientTasks.AddDistributionGroupMember
Now if I remove the pubkey from my account's .authorized_keys file, login with my usual password, and retry... the script works!
I'm stumped as to why authentication via password over SSH allows for the script to run successfully , while authentication via keys over SSH doesn't.
Any ideas?
EDIT:
Here's the script that's being run:
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
Add-DistributionGroupMember -Identity some_distribution_list -Member user#domain.com
Related
I am trying to access powershell from another user (user2), but at the same time I also want to access the resources of my main user (user1), I have a virtual environment, windows server 2022 and a windows 10 pro machine, in which I am doing the following:
Right click on the powershell icon > Run as another user, then I access user 2 to which I want to connect with their respective credentials.
Once this is done in powershell I execute the following:
runas /user:corp\user2 /netonly powershell
Then, I put the credentials again and navigate to the path of my main user(user1) and when I execute "ls", it gives me the following error:
ls : Access denied to path 'C:\Users\user1'.
At line:1 char:14
+ ls
+ ~~
+ CategoryInfo : PermissionDenied: (C:\Users\user1:String) [Get-ChildItem], UnauthorizedAccessExcepti
on
+ FullyQualifiedErrorId : DirUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
Hope you can help me out here. I've been playing around with some SSH authentication. I have no idea why this is happening, but now when I run a simple ssh-keygen command I get a response saying Access is denied. in addition to a pop-up that reads "This app can't run on your PC. To find a version for your PC, check with the software publisher".
I then tried running the ssh-keygen command in Powershell (as admin and as regular user) and got the following:
Program 'ssh-keygen.exe' failed to run: The specified executable is not a valid application for this OS platform.At
line:1 char:1
+ ssh-keygen
+ ~~~~~~~~~~.
At line:1 char:1
+ ssh-keygen
+ ~~~~~~~~~~
+ CategoryInfo : ResourceUnavailable: (:) [], ApplicationFailedException
+ FullyQualifiedErrorId : NativeCommandFailed
However, using ssh -V shows that it is installed:
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
I can still SSH fine into other devices, if that's of any relevant.
Any help would be very much appreciated here!
I am trying to SSH to a remote Windows machine (an AWS ec2 instance) by using an username and password of the remote machine. I need to automate this connection to run some remote commands from my script (either shell or Power shell) without prompting me for a password, My script shouldn't fail by expecting a password to be prompted
I don't want to use sshpass or any generated keys (by using ssh-keygen). Since the source machine where I run this command/script is not a dedicated machine, I may run it on a different machine everytime. I also gave a try to connect using the .PEM file provided by AWS as below (thought it could be easy while using it the script).
$ssh -i aws_keypair.pem Administrator#10.10.10.10
Administrator#10.10.10.10's password:
It is still expecting me for a password even if I used the .PEM file, I also tried to created an file 'authorized_keys' in the remote Windows machine under the path "C:\Users\Administrator.ssh\". Still it is prompting me for a password.
Expectation :
Connect to remote Windows machine using PEM file and run some remote commands.
(or)
It shouldn't prompt me for a password while I try for the connection from some script (shell/power shell).
Can be done without any 3rd party tools like this:
$env:TMPPW=Get-Content -Path 'secure_file.txt' ; $un='MyUserName'
$j=Start-Job -ScriptBlock{Start-Sleep -Seconds 1
(New-Object -ComObject wscript.shell).SendKeys("$env:TMPPW{ENTER}")}
& ssh.exe -q -4 -l $un 127.0.0.1 'whoami'
$env:TMPPW=([guid]::NewGuid()).Guid ; $env:TMPPW=$null
I am able to achieve this using Plink command (Installation of Putty is required on source machine to execute this command). So now, I am able to successfully pass the username and password with in the script (Shell script) and everything is working as expected.
FYI, I am pasting the exact command which worked for me
$echo y | plink -ssh Administrator#10.10.10.10 -pw abc123 "dir"
I'm struggling to figure out what is going on, but it has a pretty widespread effect on a system I'm working with.
I have several machines running a service, but when I try to query the service (both in .net and in powershell) the service is not found. When I connect to the machine via RDP, the service shows up. I've already confirmed that I had permissions on the service, including granting explicit permissions to the service for my user using subinacl.
I do get a result back from get-service -computername $server but it doesn't list the service I'm looking for. Is there a group policy or windows configuration that I'm missing here? Why would some services show up remotely but not all of them?
Any tips/advice on what to look for would be greatly appreciated.
EDIT: Using this command:
get-Service -computername $servername | Export-Csv C:\temp\Local.csv -notypeinformation
On the machine yields the following file:
https://drive.google.com/open?id=1aXvIgWT4NU2EN4j14JlxrY-jHGp-hG2Q
Running the same command remotely against the machine yields the following file:
https://drive.google.com/open?id=16NvRgrQsSGc9CKlqmIqntLy1bkLMl5tJ
EDIT2:
Command:
Get-Service -Computername $servername -Name 'AdobeARMservice'
Running Remotely Result:
Get-Service : Cannot find any service with service name
'AdobeARMservice'. At line:1 char:1
+ Get-Service -Computername $servername -Name 'AdobeARMservice'
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (AdobeARMservice:String) [Get-Service], ServiceCommandExcep
+ FullyQualifiedErrorId : NoServiceFoundForGivenName,Microsoft.PowerShell.Commands.GetServiceCommand
Running Locally Result:
Status Name DisplayName
------ ---- -----------
Running AdobeARMservice Adobe Acrobat Update Service
Edit3:
This issue can also be seen in the microsoft service list.
While locally on the machine:
While remote:
The powershell documentation for get-service says:
This cmdlet can display services only when the current user has
permission to see them. If this cmdlet does not display services, you
might not have permission to see them.
I would therefore assume that your remote user is a different user than the local user.
if you truly have access rights, you could just do this instead
invoke-command -computername $servername -scriptblock {get-service} | export-csv C:\temp\Local.csv -notypeinformation
What I mean:
If I...
run runas /netonly /user:computername\username cmd
enter the password for the local admin account "username"
then type psexec \\computername cmd
I now have a working shell and can run commands as the local admin user on the remote machine.
However, trying to run this without the runas... and instead with the username and password arguments of psexec returns an access denied error.
Example below:
psexec \\computername -u username -p password cmd
Access Denied
Note: Others seem to also have this issue. My refined questions:
Is this intended behavior?
Why even have the -u and -p?
I have also tried disabling the firewall on both my machine and the target machine, and adding the registry key listed here.
When you initiate a connection with PsExec.exe, it tries to use the credentials you are currently authenticated with to copy the PSEXESVC to the \\$machine\ADMIN$\System32 share VIA SMB, which enables the communication with your PsExec.exe and the $machine's service.
If your currently logged in user account does not have access to \\$machine\ADMIN$\System32 and the ability to install/start services, then this won't work.
I'm assuming if you have access with your user account that this would work.
Here is a very interesting article from 2004 on reverse-engineering of the original implementation. I am pretty sure it has changed in that time with Windows 7 & Windows 10.