Microsoft

If you do not get a dedicated IP address when connecting to the VPN server, you must manually modify the static routes after each connection. The following description will help you automatically set up static routes after connecting.

1. Start the Windows PowerShell (Admin) console
2. After authentication, verify that we have the right to boot RemoteSigned scripts. PS C:\WINDOWS\system32> Get-ExecutionPolicy
3. If not, issue the following command: PS C:\WINDOWS\system32> Set-ExecutionPolicy -ExecutionPolicy RemoteSigned Then press the A key to appear.
4. Then create a folder where the two scripts will reside: PS C:\WINDOWS\system32> New-Item -ItemType directory -Path C:\Scripts\
5. Enter the directory that you created, and then create the following file: VPN-conn.ps1 and insert the following code:
   

   ##
   # Add IP routes across a VPN via a DHCP assigned IP address
   # author Richard Buz 29.01.2019
   ##
   
   # Route IP address
   $ips = @("192.168.0.0", "10.20.30.0", "172.19.0.0")
   # VPN connection IP
   $vpnIP = "192.168.50."
   
   # Get the IP address of the VPN connection
   $vpnip = ipconfig | findstr $vpnIP
   # If we don't have an IP address on the VPN, error and quit
   if (!$vpnip) {
   "You do not have an IP address on the VPN"
   exit
   }
   # Parsing VPN IP
   $vpnip = $vpnip.trim().split(" ")[-1]
   # Delete routes if existing
   foreach($ip in $ips) {
   $hasRoute = route print | findstr $ip
   if($hasRoute) {
   "Deleting route " + $ip
   route delete $ip
   }
   }
   # Add whatever routes we need
   foreach($ip in $ips) {
   "Adding route " + $ip
   route add $ip MASK 255.255.255.0 $vpnip
   }

6. Save the file, and then create another file called VPN-disconn.ps1

   Paste the following code:

   ##
   # Remove existing VPN routes
   # author Richard Buz 29.01.2019
   ##
   
   # Route IP address
   $ips = @("192.168.0.0", "10.20.30.0", "172.19.0.0")
   
   # Delete existing VPN routes
   foreach($ip in $ips) {
   $hasRoute = route print | findstr $ip
   if($hasRoute) {
   "Deleting route " + $ip
   route delete $ip
   }
   }
   

7. Then, in PowerShell, ask the name of the VPN connection: PS C:\WINDOWS\system32> Get-VpnConnection
8. The following two commands will set the scheduled tasks after connection and disconnection. For commands, the vpn-connection-name variable at the end of the line must be changed to the name of the connection in the Get-VpnConnection command output.
   • Scheduled to run after joining:
     

     schtasks /create /RU "SYSTEM" /NP /F /TN "VPN Connect Update" /TR "Powershell.exe -NonInteractive -command c:\Scripts\VPN-conn.ps1" /SC ONEVENT /EC Application /MO " *[System[(Level=4 or Level=0) and (EventID=20225)]] and *[EventData[Data='vpn-connection-name']]"

   • Timed to run after disconnection:
     

     schtasks /create /RU "SYSTEM" /NP /F /TN "VPN Disconnect Update" /TR "Powershell.exe -NonInteractive -command c:\Scripts\VPN-disconn.ps1" /SC ONEVENT /EC Application /MO " *[System[(Level=4 or Level=0) and (EventID=20226)]] and *[EventData[Data='vpn-connection-name']]"

Source:

• https://simpleverse.wordpress.com/2010/10/06/add-routes-on-vpn-connect-with-powershell-and-task-scheduler/
• https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ee431704(v=ws.10)

Environment variables are a set of dynamic named values that can affect the way running processes will behave on a computer. The variables can be used both in scripts and on the command line. Environment variables makes it easy when certain standard directories and parameters need to be referenced but where the actual locations or names can vary from computer to computer.

This tutorial will show you a complete list of environment variables that can be used to reference standard directories and parameters in Windows 10.

VARIABLE	WINDOWS 10
%ALLUSERSPROFILE%	C:\ProgramData
%APPDATA%	C:\Users\{username}\AppData\Roaming
%CD%	Current directory full path (cmd only)
%CMDCMDLINE%	Returns exact command line used to start current cmd.exe session. (cmd only)
%CMDEXTVERSION%	Number of current command processor extensions. (cmd only)
%CommonProgramFiles%	C:\Program Files\Common Files
%CommonProgramFiles(x86)%	C:\Program Files (x86)\Common Files
%CommonProgramW6432%	C:\Program Files\Common Files
%COMPUTERNAME%	The computer name of the current local system.
%COMSPEC%	C:\Windows\System32\cmd.exe
%DATE%	Current date in format determined by Date command (cmd only)
%ERRORLEVEL%	Number defining exit status of previous command or program (cmd only)
%HOMEDRIVE%	C:\
%HOMEPATH%	C:\Users\{username}
%LOCALAPPDATA%	C:\Users\{username}\AppData\Local
%LOGONSERVER%	\\{domain_logon_server} \\MicrosoftAccount
%NUMBER_OF_PROCESSORS%	8
%OS%	Windows_NT
%PATH%	C:\Windows; C:\Windows\System32; C:\Windows\System32\Wbem; C:\Windows\System32\WindowsPowerShell\v1.0
%PathExt%	.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
%PROCESSOR_ARCHITECTURE%	AMD64
%PROCESSOR_IDENTIFIER%	Intel64 Family 6 Model 158 Stepping 9, GenuineIntel
%PROCESSOR_LEVEL%	6
%PROCESSOR_REVISION%	9e09
%PROGRAMDATA%	C:\ProgramData
%PROGRAMFILES%	C:\Program Files
%ProgramW6432%	C:\Program Files
%PROGRAMFILES(X86)%	C:\Program Files (x86)
%PROMPT%	Code for current command prompt format. Code is usually $P$G (cmd only)
%PSModulePath%	C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
%PUBLIC%	C:\Users\Public
%RANDOM%	To get random number between 0 and 32767 (cmd only)
%SessionName%	When logging on directly to machine, returns "Console". When client connects via terminal server session, is combination of connection name, followed by pound symbol {#} and session number.
%SystemDrive%	C:
%SystemRoot%	C:\Windows
%TEMP%	C:\Users\{username}\AppData\Local\Temp
%TMP%	C:\Users\{username}\AppData\Local\Temp
%TIME%	Current time in format determined by Time command (cmd only)
%USERDOMAIN%	The network domain name associated with the current user.
%USERDOMAIN_ROAMINGPROFILE%	The network domain name associated with the current roaming profile.
%USERNAME%	{username}
%USERPROFILE%	C:\Users\{username}
%WINDIR%	C:\Windows

With each new release of Windows 10, we see more and more useful tools being ported from Linux. First, we had the Windows Subsystem for Linux, which is awesome, and now we have a built-in OpenSSH client and server, which uses version 7.6p1 of OpenSSH.

With the April 2018 Update, the OpenSSH client is now installed by default works really well. Especially the client, as you no longer need to use a 3rd party SSH client such as Putty when you wish to connect to a SSH server.

For this article, we are going to focus on the OpenSSH Client.

First confirm that the OpenSSH client is installed by looking under the installed optional features. If it is installed, you will see it listed as shown below. If so some reason it is not installed, you can click on Add a feature to install it.

Using OpenSSH in Windows 10

It's simple, press the Windows button and type Command Prompt, and hit the Enter, or press the Windows and R key combination, then type cmd, and press te Enter. In the popup window type ssh, and press enter. If the OpenSSH Client installed correctly, you can view the same output in your Command Prompt window. If you are not type any argument next the ssh command the program will print the basic help the program usage. More information in the parameters you can find the man page of the SSH.

Available argument list is:

usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
           [-D [bind_address:]port] [-E log_file] [-e escape_char]
           [-F configfile] [-I pkcs11] [-i identity_file]
           [-J [[email protected]]host[:port]] [-L address] [-l login_name] [-m mac_spec]
           [-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address]
           [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]]
           destination [command]

If you connect to a remote server you simply use the command line ssh [user]@[host]. For example, to access your cPanel webhosting servers via SSH simply type ssh [email protected]. If it's your first time connecting to the SSH server, the program will display a host key fingerprint and ask you to confirm if you want to connect. If you type yes, this hosts's key will be saved in the %UserProfile%\.ssh\known_hosts file and you will not be asked again when you connect to the same server.

If you want to connect your server with your SSH key, you need add a key file path, with the -i paramerer. Example: ssh -i .ssh\webhost [email protected]. You will then be prompted to enter the key password for the user account on the remote server that you are logging into as shown below.

If you type a correct password, the client logged in the remote server successfully:

When you are done using the remote server and would like to disconnect the SSH session, simply press the CTRL+D. You will then be logged out, the SSH client will state Connection to [server] closed., and you can close the command prompt.

Permissions for 'private-key' are too open

If you use your SSH private key in the connection, you need to setup the correct permission on the key file otherwise you can not connect the server. You get Permissions for 'private-key' are too open message.

In this case locate the file in Windows Explorer, right-click on it then select Properties. Navigate to the Security tab and click Advanced.
Change the owner to you, disable inheritance and delete all permissions. Then grant yourself Full control and save the permissions. Now SSH won't complain about file permission too open anymore.

Source:

https://www.bleepingcomputer.com/news/microsoft/heres-how-to-enable-the-built-in-windows-10-openssh-client/
https://superuser.com/a/1296046/882692