Invoke-Command with Kerberos authentication #18462
-
Hello, We configured our machines (Client: Windows and Server: Linux) in order to allow client to connect to server with ssh -K . In this case Kerberos authentication is used and everything is fine. But we want to execute Powershell Invoke-Command on client machine which runs a script on remote Linux. This works if you provide a -Hostname as parameter and an username or private/public key file. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
It's certainly possible but just not simple. There are two ways you can do this:
Add the following to your
Where
# Use .bat file for Windows here
$script = Set-Content ./my_ssh -Value @'
#!/usr/bin/env bash
ssh -K "$@"
'@
chmod +x ./my_ssh
$ExecutionContext.InvokeCommand.PostCommandLookupAction = {
param ($Command, $EA)
if ($Command -eq 'ssh') {
$EA.Command = Get-Command (Join-Path $PSScriptRoot 'my_ssh')
}
}
try {
Invoke-Command -HostName hostname -ScriptBlock { $env:USERPROFILE }
}
finally {
$ExecutionContext.InvokeCommand.PostCommandLookupAction = $null
} This will change the binary that PSRemoting is called from |
Beta Was this translation helpful? Give feedback.
It's certainly possible but just not simple. There are two ways you can do this:
Add the following to your
~/.ssh/config
fileWhere
hostpattern
is a pattern for the hostname(s) you wish to use GSSAPI/Kerberos auth with. For example I haveHost *.domain.test
to enable GSSAPI for any host in the.domain.test
domain.-K
argument