Enable PowerShell remoting on ArcoLinux

PowerShell is a cross-platform scripting language that runs on Windows, Linux, and macOS.

ArcoLinux is a rolling release Linux distribution based on Arch Linux.

Prerequisites

  • ArcoLinux was installed using the ArcoLinuxL ISO with the easy installation option.
  • The examples shown in this article were performed using Xfce Terminal.
  • ArcoLinux was fully updated using the sudo pacman -Syu command.

Installation

Verify that you have PowerShell installed:

1pwsh --version

enable-psremoting-arcolinux1a.jpg

If you receive the error: command not found, see Install PowerShell on ArcoLinux to install PowerShell.

Configuration

Open your OpenSSH server configuration file in a text editor. The nano text editor is used in the following example:

1sudo nano /etc/ssh/sshd_config

enable-psremoting-arcolinux1a.jpg

Enable password-based authentication by uncommenting the following line in your OpenSSH server configuration file. Public key authentication is also supported, but outside the scope of this blog article.

1PasswordAuthentication yes

enable-psremoting-arcolinux2a.jpg

Determine the path to the PowerShell pwsh command. You can use any of the following commands to determine the path for pwsh. The default path is /usr/bin/pwsh.

1which pwsh
2type pwsh
3whereis pwsh

enable-psremoting-arcolinux3a.jpg


The result of the previous command is a symbolic link. You can confirm this by running any of the following commands:

1readlink -f $(which pwsh)
2ls -lh $(which pwsh)
3stat $(which pwsh)

enable-psremoting-arcolinux4a.jpg

There's also only one hard link to each of the files and the inode number is different for each of them. This means the /usr/bin/pwsh file is a symbolic or soft link and not a hard link that points to the same file.

1ls -l /usr/bin/pwsh /opt/microsoft/powershell/7/pwsh
2ls -i /usr/bin/pwsh /opt/microsoft/powershell/7/pwsh

enable-psremoting-arcolinux6a.jpg


Configure a daemon for PowerShell by adding a subsystem entry to your OpenSSH server configuration file. Arguments include a subsystem name and command with optional arguments to execute upon subsystem request.

1Subsystem powershell /usr/bin/pwsh -sshs -NoLogo

enable-psremoting-arcolinux7a.jpg

By default, the SSH server daemon is inactive and not set to start automatically:

1systemctl status sshd.service

enable-psremoting-arcolinux8a.jpg

You'll need to start the SSH server daemon and set it to autostart when the system restarts. I've chosen to restart the daemon instead of starting it so the following command will work even if it's already running. Check the status of the service again after configuring it.

1sudo systemctl restart sshd.service && sudo systemctl enable sshd.service
2systemctl status sshd.service

enable-psremoting-arcolinux9a.jpg

Connecting

You're ready to connect. In the following examples, I'm remoting into the ArcoLinux system from PowerShell 7 on a Windows 11 system.

The first time you connect, you'll be prompted to trust the system you're connecting to as shown in the following example. You must type the entire word yes and press enter. If you type Y and press enter, you'll be prompted again.

1Enter-PSSession -HostName arco -UserName mikefrobbins

enable-psremoting-arcolinux10a.jpg

This information is stored in a known_hosts file in your user's profile. If you're using DHCP and the IP address of the system you're connecting to changes, an additional line for the same system will be added to this file.

1Get-Content -Path $env:USERPROFILE\.ssh\known_hosts

enable-psremoting-arcolinux11a.jpg

If something major changes such as reloading the operating system on the remote system occurs, you'll be prompted with the following message:

1Enter-PSSession -HostName arco -UserName mikefrobbins
 1Enter-PSSession: The background process reported an error with the following message: The SSH client session has ended with error message: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 2@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
 3@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 4The ECDSA host key for arco has changed,
 5and the key for the corresponding IP address fe80::9d8:8ded:568b:270f%6
 6is unknown. This could either mean that
 7DNS SPOOFING is happening or the IP address for the host
 8and its host key have changed at the same time.
 9@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
10@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
11@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
12IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
13Someone could be eavesdropping on you right now (man-in-the-middle attack)!
14It is also possible that a host key has just been changed.
15The fingerprint for the ECDSA key sent by the remote host is
16SHA256:qND1QhSJ2T0aTF4UNOK48+Avi7gaXZsIOaVwTuH5Uzk.
17Please contact your system administrator.
18Add correct host key in C:\\Users\\mikef/.ssh/known_hosts to get rid of this message.
19Offending ECDSA key in C:\\Users\\mikef/.ssh/known_hosts:1
20ECDSA host key for arco has changed and you have requested strict checking.
21Host key verification failed..

enable-psremoting-arcolinux12a.jpg

One of the first issues you'll likely encounter is: TERM environment variable not set.

1Clear-Host

enable-psremoting-arcolinux13a.jpg

You'll need to set the TERM environment variable to resolve this problem.

1$env:TERM = 'xterm'

enable-psremoting-arcolinux14a.jpg

Happy remoting!

References