Files
sciagent/scripts/deployment/00-enable-ssh-ONELINER.txt
T
Thinh Lam 688fac73e9
CI/CD / backend (push) Failing after 2m8s
CI/CD / frontend (push) Failing after 1m40s
CI/CD / deploy (push) Has been skipped
sciagent code + Gitea Actions CI/CD
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-30 09:38:30 +07:00

26 lines
2.5 KiB
Plaintext

# ============================================================================
# COPY TOÀN BỘ block PowerShell BÊN DƯỚI, paste vào PowerShell Admin trên VPS
# (Nhỏ gọn ~4KB, clipboard RDP paste tốt)
# ============================================================================
$ErrorActionPreference='Stop'; Write-Host "[DYD SSH] Start..." -F Cyan
$cap = Get-WindowsCapability -Online | ? Name -like 'OpenSSH.Server*'
if ($cap.State -ne 'Installed') { Add-WindowsCapability -Online -Name $cap.Name | Out-Null; Write-Host "[OK] OpenSSH installed" -F Green } else { Write-Host "[OK] OpenSSH already installed" -F Green }
Start-Service sshd; Set-Service sshd -StartupType Automatic; Set-Service ssh-agent -StartupType Automatic; Start-Service ssh-agent -ErrorAction SilentlyContinue
if (-not (Get-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -ErrorAction SilentlyContinue)) { New-NetFirewallRule -Name 'OpenSSH-Server-In-TCP' -DisplayName 'OpenSSH SSH Server' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22 | Out-Null }
New-ItemProperty -Path 'HKLM:\SOFTWARE\OpenSSH' -Name DefaultShell -Value 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe' -PropertyType String -Force | Out-Null
$pub = 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM/SmlEVa41JmeIAwQOtEkdzUo1BLPJbJ+oDqDYm1ywQ dyd-vps-deploy-20260415'
$authFile = 'C:\ProgramData\ssh\administrators_authorized_keys'
if (-not (Test-Path (Split-Path $authFile))) { New-Item -ItemType Directory -Path (Split-Path $authFile) -Force | Out-Null }
$existing = if (Test-Path $authFile) { Get-Content $authFile -Raw } else { '' }
if ($existing -notmatch [regex]::Escape($pub)) { Add-Content -Path $authFile -Value $pub -Encoding UTF8 }
icacls $authFile /inheritance:r | Out-Null; icacls $authFile /grant 'Administrators:F' /grant 'SYSTEM:F' | Out-Null
Restart-Service sshd
$sshd = Get-Service sshd; $listen = Get-NetTCPConnection -LocalPort 22 -State Listen -ErrorAction SilentlyContinue
Write-Host ""; Write-Host "=====================================" -F Green; Write-Host " DONE — SSH server ready" -F Green; Write-Host "=====================================" -F Green
Write-Host " sshd status : $($sshd.Status)" -F Green
Write-Host " port 22 : $(if($listen){'LISTENING'}else{'NOT listening'})" -F $(if($listen){'Green'}else{'Red'})
Write-Host " public key : added to $authFile" -F Green
Write-Host ""; Write-Host "Dev can test:" -F Yellow
Write-Host " ssh -i ~/.ssh/dyd_vps Administrator@103.124.94.58 hostname" -F Yellow