SSH Ansible Automation - samuel-richardson/Sam-Tech-Journal GitHub Wiki

SSH

  • Make users on machines for remote management use the same password.
  • Create /etc/sudoers.d/sys265 and add username ALL=(ALL) NOPASSWD: ALL for passwordless elevation.
  • Cache the password for a key for longer using eval $(ssh-agent) then ssh-add -t 14400
  • Create and copy an ssh key to the machines for management to allow for passwordless access.
  • Add SSH to Windows with the commands below. If that does not work, do a manual install.
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0
Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'
  • SSH into PowerShell with:
Set-ItemProperty "HKLM:\Software\Microsoft\Powershell\1\ShellIds" -Name ConsolePrompting -Value $true

New-ItemProperty -Path HKLM:\SOFTWARE\OpenSSH -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force

Ansible

  • Install ansible with sudo apt install ansible sshpass python3-paramiko
Ansible Flags

-i: host list
-a: run command ad-hoc
-u: specific user
  • Format the hosts file by putting [group] above a set of hosts; those hosts can then be referenced by the group name.
  • Ansible Galaxy has downloadable roles that make deployment quick and easy. Download roles with ansible-galaxy install role -p roles/
  • Make a .yml for the Ansible role. Add
roles:
- role

at the end of the initial step where the name and hosts are defined.

  • Run the role by running this yml with ansible-playbook.
  • Add [group:vars] then ansible_shell_type=powershell to tell Ansible to use PowerShell.
  • When using Ansible with Windows, specify -u username with domain --ask-pass
  • Use Chocolatey to install Windows programs
win_chocolatey:
  name:
  - firefox
  - 7zip
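
The inventory and playbook steps above put together, as an added example rather than content from the original notes. Host names, group names, the file names inventory.txt and site.yml, the user@domain login and the role name author.rolename are placeholders, and become: true assumes the role needs root; the inventory is shown in comments because it is INI rather than YAML.

```yaml
# inventory.txt (INI format), constructed sample hosts:
#
#   [linux]
#   web01.example.test
#
#   [windows]
#   ws01.example.test
#
#   [windows:vars]
#   ansible_shell_type=powershell
#
# Run one group at a time so each gets the right credentials
# (a play whose group is excluded by --limit is skipped):
#   ansible-playbook -i inventory.txt site.yml --limit linux
#   ansible-playbook -i inventory.txt site.yml --limit windows -u 'user@domain' --ask-pass

- name: Apply a Galaxy role to the Linux hosts
  hosts: linux
  become: true            # assumption: role needs root; uses the NOPASSWD sudoers entry
  roles:
    - author.rolename     # placeholder; a role downloaded into roles/ with ansible-galaxy

- name: Install Windows programs with Chocolatey
  hosts: windows          # picks up ansible_shell_type=powershell from [windows:vars]
  tasks:
    - name: Install Firefox and 7-Zip
      win_chocolatey:
        name:
          - firefox
          - 7zip
        state: present
```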