SSH setup

setup.ps1

<#
.SYNOPSIS
    Enables and configures OpenSSH server on Windows 10 Pro.

.DESCRIPTION
    Installs the OpenSSH.Server feature if needed, starts the sshd service, sets it to auto-start,
    allows SSH traffic through the Windows Firewall, and ensures basic configuration is ready.

.AUTHOR
    DJ Stomp <[email protected]>

.LICENSE
    MIT

.GITHUB
    https://gist.github.com/DJStompZone/7484869d1aa60ed84bf69c3860a740fa
#>

# Ensure running as admin
if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(`
    [Security.Principal.WindowsBuiltInRole] "Administrator")) {
    Write-Error "Run this script as Administrator!"
    exit 1
}

# Install OpenSSH.Server if not installed
if (-not (Get-WindowsCapability -Online | Where-Object { $_.Name -like "OpenSSH.Server*" -and $_.State -eq "Installed" })) {
    Write-Host "Installing OpenSSH Server..."
    Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
} else {
    Write-Host "OpenSSH Server already installed."
}

# Ensure sshd service is enabled and running
Write-Host "Configuring sshd service..."
Set-Service -Name sshd -StartupType Automatic
Start-Service -Name sshd

# Allow SSH through the firewall
if (-not (Get-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -ErrorAction SilentlyContinue)) {
    Write-Host "Adding firewall rule for SSH..."
    New-NetFirewallRule -Name "OpenSSH-Server-In-TCP" -DisplayName "OpenSSH Server (Inbound)" `
        -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
} else {
    Write-Host "Firewall rule for SSH already exists."
}

# Optional: Ensure ssh-agent is running (for key authentication)
Write-Host "Ensuring ssh-agent service is enabled..."
Set-Service -Name ssh-agent -StartupType Automatic
Start-Service -Name ssh-agent

Write-Host "OpenSSH Server setup complete!"
Write-Host "You can now connect via ssh username@your_ip"