How to Use powershell to manage 100 win servers (Sharing Experience + free command line tools)

Someone in the group asked: how to manage 100 win servers. This is a realistic problem. Take 100win2003 as an example.

Secure Connection with IP + port + User Name + password, mature. It seems that only VPN and SSL are supported. SSL is lightweight and suitable for carrying remote management commands than VPN.

It is unrealistic for you to buy VPN gateway hardware for all the 100 psremoting servers or install 100 soft VPN gateways. Similarly, with VPN, psremoting is almost unnecessary. PS-remouting does not implement VPN either.

Gu believes that the remote management and O & M personnel of powershell urgently need sshd and SCP (SFTP) software of win edition. I have found similar software and shared it with you!

Http://www.freesshd.com/

First, it is a third-party free win sshd server. The command line after you log on can be defined as powershell, or cmd. Other software can only be cmd. With this, you can run powershell commands remotely and securely. Of course, the doscommand also works.

 

Http://www.eldos.com/sftp-net-drive/

A free version is provided for graphic interfaces. Map the SFTP user disk directory (Win and Linux supported) to a drive letter,

 

Https://filezilla-project.org/

Filezilla client is a graphical interface. The free FTP client also supports SFTP to upload, download, and synchronize files.

 

Famous putty

Http://www.chiark.greenend.org.uk /~ Sgtatham/Putty/download.html

Here we need to use the pscp.exe psftp.exe software, which is the command line interface. Copy the file between the sshd and the client and upload and download the script.

 

SSH Secure Shell client 3.2.9

Http://www.onlinedown.net/soft/20089.htm

Run the command on (Win or Linux) sshd server. Ssh2.exe scp2.exe sftp2.exe ssh2.exe

User @ host LS-L; CAT/etc/fstab

 

About file synchronization

Manually map the drive letter, and then use the graphic software for synchronization, or use robocopy for synchronization. For large files, the file content is synchronized in different ways. There is no good way. Rsync or HTTP + zsync should be used.

 

Free + open-source powershell SSH command line module.

Http://www.powershelladmin.com/wiki/SSH_from_PowerShell_using_the_SSH.NET_library

Import module: import-module ssh-sessions

Create a connection: New-sshsession-computername IP address-Port port-username-Password

Delete Connection: Remove-sshsession-computername IP Address

Enter the connection: (Note: the CD command cannot be run in the Linux Command Line, and no tab is complete) Enter-sshsession-computername IP Address

Exit connection: Exit

To obtain the Linux Command result, use $ sshsessions. 'IP address'. runcommand ("command content"). Result

 

Example:

Import-module ssh-sessions

New-sshsession-computername IP address-Port port-username-Password

[String] $ Linux Command Line = "cat/etc/fstab"

$ Returned result = $ sshsessions. 'IP address'. runcommand ($ Linux Command Line). Result

Write-host $ returned results

 

[Where is remote management of powershell worse than sshd ?]

After the trial, I think the remote management of PS-remoting is not good. It's just against humanity!

1. For security, the configuration process is too troublesome. Too fine. Almost no one can configure it successfully!

2. The domain name and host name are required to bind the certificate. This is not realistic.

3. There are too many authentication methods, but they are almost useless. Failed.

3.1 failed to send the username and password to the server in plaintext format =.

3.2 NTLM, I think this is only suitable for domain users, and = fails in the LAN.

3.3 digest does not understand.

3.4 Kerberos does not support IP addresses, but only supports domain name = failed.

3.5 credssp requires domain name = failed.

3.6 SSL requires domain name binding or IP = failure.

For example, if I want to manage 20 Windows hosts, I need 20 different certificates. You also need to bind the certificates to the server's powershell. The client also imports 20 certificates. This is much more difficult than the Remote Desktop software that supports multiple connections!

 

Remote Management of powershell PS-remoting