PowerShell Remoting From macOS To Windows Server

In our shop, we run the always-excellent PDQ Deploy from Admin Arsenal. However, I wanted a way to control the PDQ console using the command line on my day-to-day workstation, which is a Mac.

To do this, as it turns out, only requires working through some decent (slightly incomplete) documentation online. Amazingly, it's possible!

You'll need:

• PowerShell Core for MacOS
• PowerShell Core installed on the Windows server
• The Win32 OpenSSH build installed on the Windows server

First, you'll need to configure the Windows server or workstation to allow incoming SSH connections via Powershell.

1. Begin by installing the latest stable .msi of PowerShell Core from the GitHub repo for your build of Windows.

2. Once that's installed, you'll need to install Win32 OpenSSH. Download the .zip here.

3. Extract contents of the latest build to C:\Program Files\OpenSSH

4. In an elevated (Administrator) PowerShell window, run the following:
   powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps1 , where install-sshd.ps1 is the installer file located in the newly extracted directory.

5. In the same elevated PowerShell window, open the firewall for sshd.exe to allow inbound SSH connections:
   New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
   Note: New-NetFirewallRule is for Windows 2012 and above servers only. If you're on a client desktop machine (like Windows 10) or Windows 2008 R2 and below, try:
   netsh advfirewall firewall add rule name=sshd dir=in action=allow protocol=TCP localport=22

6. Start sshd (this will automatically generate host keys under %programdata%\ssh if they don't already exist)
   net start sshd

7. Setup sshd and ssh-agent to auto-start (optional)
   Set-Service sshd -StartupType Automatic
Set-Service ssh-agent -StartupType Automatic

8. Then you need to edit the sshd_config file at %ProgramData%\ssh\. Add a PowerShell subsystem entry as follows: Subsystem powershell c:/program files/powershell/6.0.2/pwsh.exe -sshs -NoLogo -NoProfile

   a. This may require 8.3 naming scheme for the "Program Files" folder. OpenSSH has a known issue with Windows paths containing spaces: "/Program Files" to "/progra~1".

   b. Make sure that PasswordAuthentication Yes is uncommented.

9. Restart the sshd service: Restart-Service sshd

10. Add the path where OpenSSH is installed to your PATH environment variable. The path should be something like: C:\Program Files\OpenSSH\

Next, you'll need to install PowerShell Core on the Mac you want to connect with.

Simply install the .pkg file for the stable build from the same GitHub repo.

Then, let's connect:

1. Start PowerShell in your terminal by typing pwsh.
2. Enter a new PSSession remotely by typing:
   Enter-PSSession -HostName [server name] -UserName Domain\User -SSHTransport

And that's it! You should now be able to remotely execute PowerShell.