PowerShell vs. PsExec for Remote Command Execution

 

Monitoring and maintaining large-scale, complex, highly distributed and interconnected systems can be extremely challenging for network administrators. Traditional IT management approaches are ill-equipped to handle the complexity of today's application architectures and deployment environments. It's common that an IT admin would support hundreds of machines in an enterprise network daily, but having to physically run down to each machine individually in order to issue a simple command is not acceptable. Therefore, being able to execute system commands remotely without too much additional pre-configuration is always a welcomed and appreciated solution.

In this blog post, we are going to discuss how to use two remote command execution tools, PowerShell and PsExec. We will show how to use each of these tools to remotely execute command line tools, using two OPSWAT products, OESIS Diagnose and Metascan Client, for our examples.

OESIS Diagnose is a troubleshooting tool for the OESIS project. It uses OESIS Local functionality internally and provides necessary information and visibility to the OPSWAT engineering team. Metascan Client is a GUI-based utility that connects to the Metascan server and performs on-demand scan function calls.

*These steps are provided under the assumption that the user domain is in a protected network and that the command is being triggered by the system administrator.

PowerShell

Introduction:

PowerShell is provided by Microsoft as a replacement for the shell that brings advanced scripting to Windows. It provides full access to COM and WMI and enables administrators to run system commands on both local and remote Windows systems. Previously, PowerShell was packaged as a separate add-on to Windows, marketed mainly to server administrators. Starting with Windows 7, PowerShell is a built-in part of the operating system, giving this capability to all Windows users.

Step by step usage for OESIS Diagnose:

  1. On the remote machine, enable remote commands in PowerShell as instructed below:

    PS C:\Windows\system32> Enable-PSRemoting -force

  2. On a local machine, add remote system to the trusted list in PowerShell as seen below:

    PS C:\Windows\system32> Set-Item wsman:\localhost\Client\TrustedHosts -value 10.0.X.X

  3. On a local machine, set the execution policy to remote signed in PowerShell as below:

    PS C:\Windows\system32> Set-ExecutionPolicy RemoteSigned

  4. Copy OESIS Local package (including the OESIS Diagnose.exe) into the remote machine.
  5. On a local machine, create PowerShell script "remoteLaunchOESISDiagnose.ps1" as seen below:

    #Predefine necessary information
    $Username = "10.0.X.X\username"
    $Password = "password"
    $ComputerName = "10.0.X.X"
    $Script = {C:\OESISLocalPackage\OesisDiagnose_V3.exe}

    #Create credential object
    $SecurePassWord = ConvertTo-SecureString -AsPlainText $Password -Force
    $Cred = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $Username, $SecurePassWord

    #Create session object with this
    $Session = New-PSSession -ComputerName $ComputerName -credential $Cred

    #Invoke-Command
    $Job = Invoke-Command -Session $Session -Scriptblock $Script
    echo $Job

    #Close Session
    Remove-PSSession -Session $Session

  6. On a local machine, launch "remoteLaunchOESISDiagnose.ps1" in PowerShell as seen below:

    PS C:\Windows\system32> ./remoteLaunchOESISDiagnose.ps1

  7. The PowerShell script will be executed on the remote machine and launch OESIS Diagnose on that system. The result files will be generated on the remote machine.

Step by step usage for Metascan Client:

  1. The same setup process as step 1, 2 and 3 of the OESIS Diagnose example above.
  2. Copy Metascan Client package into the remote machine.
  3. On the local machine, create PowerShell script "remoteLaunchMetascanClient.ps1" as below:

    #Predefine necessary information
    $Username = "10.0.X.X\username"
    $Password = "password"
    $ComputerName = "10.0.X.X"
    $Script = {C:\MetascanClientPackage\MetascanClient.exe server="10.0.Y.Y:8008/metascan_rest" auto_start=1 allowed_scan_levels=1}

    #Create credential object
    $SecurePassWord = ConvertTo-SecureString -AsPlainText $Password -Force
    $Cred = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $Username, $SecurePassWord

    #Create session object with this
    $Session = New-PSSession -ComputerName $ComputerName -credential $Cred

    #Invoke-Command
    $Job = Invoke-Command -Session $Session -Scriptblock $Script
    echo $Job

    #Close Session
    Remove-PSSession -Session $Session

  4. On the local machine, launch "remoteLaunchMetascanClient.ps1" in PowerShell as seen below:

    PS C:\Windows\system32> ./remoteLaunchMetascanClient.ps1

  5. The PowerShell script will be executed on the remote machine and trigger Metascan Client to scan against the pre-configured Metascan server specified on the command line, with the scan result generated on the remote machine.
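
Both scripts above (OESIS Diagnose and Metascan Client) keep the account password as a string literal in the .ps1 file. The following is an added example, not code from the original post: it runs the same remote launch with a prompted credential, checks that the executable exists on the remote machine, and always closes the session. The function name Invoke-RemoteTool is hypothetical; the 10.0.X.X / 10.0.Y.Y placeholders and the package path are the post's.

```powershell
# Added example: remote launch without a password stored in the script.
# Invoke-RemoteTool is a hypothetical helper name, not part of PowerShell.
function Invoke-RemoteTool {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $ComputerName,
        [Parameter(Mandatory)] [string] $ExePath,
        [Parameter(Mandatory)] [pscredential] $Credential,
        [string[]] $Arguments = @()
    )

    # Fail immediately if the session cannot be created (bad credential, host not trusted).
    $session = New-PSSession -ComputerName $ComputerName -Credential $Credential -ErrorAction Stop
    try {
        Invoke-Command -Session $session -ArgumentList $ExePath, $Arguments -ScriptBlock {
            param($exe, $exeArgs)

            # Runs on the remote machine: refuse to continue if the package was not copied.
            if (-not (Test-Path -LiteralPath $exe -PathType Leaf)) {
                throw "Not found on remote host: $exe"
            }

            # Capture stdout and stderr so the caller sees what the tool printed.
            $output = & $exe @exeArgs 2>&1
            [pscustomobject]@{
                Computer = $env:COMPUTERNAME
                ExitCode = $LASTEXITCODE
                Output   = ($output | Out-String).Trim()
            }
        }
    }
    finally {
        # Close the session even when the remote command throws.
        Remove-PSSession -Session $session
    }
}

# Prompt once; the password is held as a SecureString and never written to the script.
$cred = Get-Credential -Message 'Account on the remote machine'

Invoke-RemoteTool -ComputerName '10.0.X.X' -Credential $cred `
    -ExePath 'C:\MetascanClientPackage\MetascanClient.exe' `
    -Arguments 'server=10.0.Y.Y:8008/metascan_rest', 'auto_start=1', 'allowed_scan_levels=1'
```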

Limitations:

Both the OESIS Diagnose and Metascan Client scan functions are able to be executed remotely via PowerShell, but PowerShell fails to launch Metascan Client UI from the remote machine. This is because when remotely accessing a machine via PowerShell, an interactive desktop session is not started. For security reasons, users can only see applications that are opened within their own interactive sessions. Basically every Windows operating system thinks it's a Terminal Server, but Windows does not want users opening applications that other users could possibly see. Windows assumes that multiple users will be using the machine, so it isolates these applications for a number of obvious security reasons.

PsExec

Introduction:

PsExec is a command line tool that executes processes on a remote system and transfers the results of operations to the local console. It has a long list of optional parameters that allow a great deal of flexibility for IT administrators. The key feature of PsExec is that it lets users run a script or application within the security context of either the currently logged on user or a user provided during program initialization.

Step by step usage for OESIS Diagnose:

  1. Download PSTools from the link below; PsExec is part of the package.
  2. Copy OESIS Local package (including the OESIS Diagnose.exe) into the remote machine.
  3. On the local machine, open the command prompt (cmd), go to the directory where the PsExec file is located.
  4. On the local machine, execute the following command:

    C:\whereYouSavePsExec>PsExec.exe \\10.0.X.X -u username -p password C:\OESISLocalPackage\OesisDiagnose_V3.exe

  5. PsExec will launch the OESIS Diagnose process on the remote machine using the credentials provided above and generate the diagnose report on that system.

Step by step usage for Metascan Client:

  1. The same setup process as step 1 of OESIS Diagnose usage.
  2. Copy Metascan Client package into the remote machine.
  3. On the local machine, open command prompt (cmd), go to the directory where the PsExec file exists.
  4. On the local machine, execute the following command:

    C:\whereYouSavePsExec>PsExec.exe \\10.0.X.X -u username -p password C:\MetascanClientPackage\MetascanClient.exe server="10.0.Y.Y:8008/metascan_rest" auto_start=1 allowed_scan_levels=1

  5. PsExec will launch the Metascan Client process on the remote machine using the credential which is provided above. This will bring up the Metascan Client UI and the scan result will be generated on the remote machine.

Limitations:

PsExec does not ship with the Windows operating system; users have to download the PSTools package separately (an extra 1.6 Mb folder). PsExec does not provide an easy way for users to access network resources on the remote machine, due to the input argument being limited to 256 characters. Some older versions, such as v1.73 and v1.82, have serious problems with programmatic redirection of StdOut over named pipes.

 

 

Notes: The Microsoft website states that “some anti-virus engines report that one or more of the tools are infected with a ‘remote admin’ virus.” However, according to the latest scan result from Metascan Online, no antivirus engines detected the PSTools package as a threat.

 

 

Summary:

Both PowerShell and PsExec have advantages and disadvantages for network administrators. There is really no good or bad choice between PowerShell and PsExec; it largely depends on which system management tools IT administrators decide to select. The best option for novice users would be PsExec, considering it’s the easiest to start out with and allows you to run CLI-based executables remotely and take advantage of the full feature set.

 

Announcement: Metascan Client is now Metadefender Client as part of our streamlined Metadefender Product Family. Check out the blog announcement to learn more. 

Reposted from: https://www.cnblogs.com/flysun0311/p/5301018.html
