Skip to content

Instantly share code, notes, and snippets.

@scarolan
Last active June 7, 2018 15:02
Show Gist options
  • Save scarolan/5944447 to your computer and use it in GitHub Desktop.
Save scarolan/5944447 to your computer and use it in GitHub Desktop.
This gist will create a new user with Administrator rights on a Windows server AWS instance, install Cygwin and SSHD, and open port 22 so that you can access the machine using SSH. This makes using Windows *much* more tolerable for the Unix administrator. Simply use the script below in your "User Data" field when deploying a new instance. The <p…
<powershell>
# First we add our administrative user, replace username and password with your own
$computer=$env:ComputerName
$user="username" ## Change this!
$password='password' ## And change this too!
$objOu = [ADSI]"WinNT://$computer"
$objGroup = [ADSI]"WinNT://$computer/Administrators,group"
$objUser = $objOU.Create("User", $user)
$objUser.setpassword($password)
$objUser.SetInfo()
$objUser.description = "Local Admin User $user"
$objUser.SetInfo()
$objGroup.Add("WinNT://$user,user")
# Get the instance ready for Chef's knife bootstrap command
winrm quickconfig -q
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="300"}'
winrm set winrm/config '@{MaxTimeoutms="1800000"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" profile=public protocol=tcp localport=5985 remoteip=localsubnet new remoteip=any
# Download and install cygwin SSHd
function Install-Cygwin {
param ( $TempCygDir="$env:temp\cygInstall" )
if(!(Test-Path -Path $TempCygDir -PathType Container))
{
$null = New-Item -Type Directory -Path $TempCygDir -Force
}
$client = new-object System.Net.WebClient
$client.DownloadFile("http://cygwin.com/setup.exe", "$TempCygDir\setup.exe" )
Start-Process -wait -FilePath "$TempCygDir\setup.exe" -ArgumentList "-q -n -l $TempCygDir -s http://mirrors.kernel.org/sourceware/cygwin/ -R c:\Cygwin"
Start-Process -wait -FilePath "$TempCygDir\setup.exe" -ArgumentList "-q -n -l $TempCygDir -s http://mirrors.kernel.org/sourceware/cygwin/ -R c:\Cygwin -P openssh"
Start-Process -wait -FilePath "$TempCygDir\setup.exe" -ArgumentList "-q -n -l $TempCygDir -s http://mirrors.kernel.org/sourceware/cygwin/ -R c:\Cygwin -P cygrunsrv"
# You should change "password" on the next line to something more secure!
Start-Process -wait -FilePath "C:\Cygwin\bin\bash.exe" -ArgumentList '--login -c "/bin/ssh-host-config -y --pwd password"'
Start-Service sshd
}
Install-Cygwin
# Open up port 22 on the firewall
$fw = New-Object -ComObject hnetcfg.fwpolicy2
$rule = New-Object -ComObject HNetCfg.FWRule
$rule.Name = "ssh"
$rule.Protocol = 6
$rule.LocalPorts = 22
$rule.Enabled = $true
$rule.Profiles = 7 # all
$rule.Action = 1 # NET_FW_ACTION_ALLOW
$rule.EdgeTraversal = $false
$fw.Rules.Add($rule)
</powershell>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment