I use PuTTY as my primary terminal program. For one thing, it will hold open an SSH session all day and not time out (unlike PowerShell). It is easy to customize the look and feel of your Shell session. Finally, you can save your session settings for subsequent logins.
My top recommendations are to save your login name, private key, and change the font size and color. It is relatively easy and once you set up these, you’ll be grateful for the amount of time saved.
Save your login name
To prevent having to type in your login name each time you start a session, go to Connections > data > add your username on the right side.
Add the path to your private key
If you want to login to a server without typing in a password, add the path to your private key in a saved session. This is a good method if you only log into a few servers. As, each server needs to have a separate saved session. If you have more than a few servers, you should run ‘Pagent’ to present your key upon each server’s login request.
To add the path to your private key, go to Connections > SSH > Authentication and provide the path to your private key.
Change the font color & size
To make things easier to read you can enlarge the font size and change the color. Select Colors > Default Foreground > Modify > Pick a color.
Now when you open putty, it is easier to read.
For font size, you can change it by going to Appearance > Change > and Select the options.
Save all of the options to a session
After you have all everything set up the way you want, then save the setting as a session. Select session > enter an IP & port, Give it a name (like the hostname of the server), in my case I am just saying “Web Server” > and hit “save”.
Now when you want to start an SSH session with your web server, just launch putty, hit “load” and then “Open”. It will take you right into a session, no need to enter a username and password.
Robocopy (Robust Copy) is a command line tool for copying files in Windows. It replaces the older ‘copy’ command. It contains many new features and can copy files both to an external hard drive or a remote computer.
Before you can copy files to an external hard drive, you need to create a folder on the destination drive first and set the permission on that folder to ‘Everyone’ (see below). I like to somewhat mirror the folder structure of the source and destination files. It makes for an easy reference, when you need to look for the files on the backup.
Command Layout
The three primary copy switches are /E, /S, and /MIR. They will copy just the data, attributes, and timestamps (/COPY:DAT), and not file permissions. The default behavior (not using any switches) of robocopy is to copy only newer files and overwrite the older files at the destination.
The basic format of the command.
robocopy <source directory> <destination directory> <file to copy> <switches>
If you are copying files you are not the owner of, you will need to run the the command prompt as an Administrator and use the /B switch to override the file and folder permissions. You will typically want to use the /Z if coping files over a network and you want to exclude Hidden and System files. The /TEE switch is only necessary if it is an attended backup. Finally, I like to drop a log file in the backup folder in case I need to review anything.
Copy Switches
/L Test the command before you execute it.
/S Do not copy empty directories.
/E Copy all directories, including empty ones.
/MIR Sync a directory. (Caution! If a file is deleted in source, will be deleted in destination).
/B Copy in backup mode. Copy all files regardless of permissions. (Needed if copying files other than your own. Run command prompt as an Administrator).
Network Switches
/Z Use Restart mode, Start copy where you left off. (Needed when possible network interference).
/ZB Use Restart mode & Backup mode. (Needed when coping over a network).
/W:2 Wait time between retries. (Needed when copying over a network).
/R:1 The number of retries, if the file is locked. (Needed when coping over a network).
Exclude Switches
/XA:H Exclude files with the attribute Hidden. (Typically want to use this switch)
/XA:S Exclude files with the attribute System. (Typically always want to use the switch).
/XA:SH Exclude System and Hidden files (Needed when coping a User’s Profile).
/XJ exclude junction points. (Needed when coping a User’s Profile).
/FTT format in FAT32 File system. (Needed if backing up files to a Linux host).
/XD exclude directory. Use if you want to exclude some Hidden files and not others.
Logging Switches
/NFL Don’t log file names of copied files.
/NDL Don’t log directory names. (Include if using a log file).
/NP Suppress % copied output to a log file. (Include if using a log file).
/LOG:/F:\backup.log Writes output to a log file.
/LOG+:F:\file.log Append output to an existing log file.
/TEE Write output to the console window AND the log file.
Get Help
robocopy /?
Copy Files to an External Drive
Copy one or two files. If you have spaces in the file path, be sure to enclose in quotes.
Copy a user’s profile (MIR), exclude the junction points (XJ), system files (XA:S), and the user’s “AppData” folder (XD). Suppress the percent copied results (NP). Junction points are a kind of soft link or a shortcut. The copy process could get stuck in a copy loop if you do not exclude. This will still copy any other hidden files. Output results to screen and log file (TEE & LOG).
Begin by plugging in a USB stick into any open port on the PC. In our example, it shows up as “Drive F”. Now, make a new folder called F:\backups.
Set the permissions on the new folder to ‘Everyone’ by right clicking on the folder, go to properties, security tab, select add group or username, and select check names. Be sure to verify that the “Everyone” has all the allow permissions.
Now, any folders or files copied to the “backup” folder during the backup, should inherit the same permissions. (i.e. Everyone).
If you don’t do this and you need to access the files on a PC other than the original computer, you may not be able to open the files. This is because you are not logged in as the original user that ran the backup. But, with folder permissions set to Everyone, you can plug the external drive or USB stick into any computer, and you will have full access to the copied files.
Make a Backup Script
We will backup the contents of a generic folder and two user’s profiles. It will copy to an external hard drive and also to a remote windows computer. For this example, we are logged in as a user called Jack and it is an “admin” account, so we can be granted rights to copy files of other users.
First, we will start by coping all files in a folder called “Data”. Since we don’t know who owns this folder, we will use the /B switch to overwrite any potential permissions issues. Finally, we will make a log file but exclude the percent copied for each file. As this unnecessary clogs up the log output.
rem backup.bat
robocopy C:\Data F:\backups\data /MIR /B /NP /LOG:F:\backup.log
Next, we can now copy Jack and Jill’s profiles. Jack’s profile, we will exclude all hidden files, system files, and junction points. Since his “AppData” folder is already hidden, we do not need to specifically exclude it.
In Jill’s profile, we have several hidden files that we want to copy that contain her SSH keys. So, we will not create a blanket exclusion for all hidden files. Instead, we will exclude her “AppData” folder specifically. Finally, we will add to the previously created log file, but again we will exclude the total percent copied. Also, we need to add her file using the /B switch to copy in backup mode.
Finally, copy the same files to a remote computer for a secondary backup. As before, we will use the /MIR switch to make an exact duplicate folder tree, /B to run in backup mode and exclude the System, Hidden, Junction Points, and specifically exclude Jill’s “AppData” folder. Also, we use the /Z (restart mode), /R (retry) and /W (wait) in case there are network issues.
Save the script to Jack’s desktop as backup.bat. To run the script, open a command prompt as an Admin, and navigate to Jack’s desktop. Type the script name and hit enter. To run the script nightly, you can set up a scheduled task to execute.
Netstat is a built in utility typically used to troubleshoot remote connection issues. It is also be used to see what external IPs and URLs your computer is actively communicating with and to what ports are passively open waiting for a connection. To run netstat, launch the Command Prompt in administrator mode.
It is important to remember that running the command is a one and done. It does not auto refresh unless you tell it to using a switch. To get a list of switches, run “netstat /?“. The most important for netstat switches are:
-a = Display all connections and listening ports -b = Display the executable involved. -f = Display FQDN. -n = Display IP and ports in number format. -o = Display process ID associated with the connection. -r = Display routing table.
Let’s go over some commands. First, ‘netstat -ab’ is unusually slow to provide results and the results are not in a easy to read format. For this reason many users do not like it. But it will provide the process name that opened or established the connection.
netstat -ab
Next is ‘netstat -ano’. It provides very fast results, but does not provide the name of the running service. However, you can get the process ID’s and then lookup the running process in task manager to find the service or executable. Finally, you can lookup up the foreign addresses in an online URL lookup to find the ‘whois’ or the IP registration.
netstat -ano
Display the TCP active connections with the FQDN.
netstat -p tcp -f
You can pipe the results from netstat to include only specific outputs.
netstat -ano | findstr "ESTABLISHED"
You can pipe to exclude results by using the /V switch.
Think of TCPView (or the older CURRPorts) as a netstat GUI interface. TCPView is produced by Microsoft System Internals and is actively supported. It is easier to read then the command line, auto refreshed every 2 seconds, and provides both fast results as well as the process name.
You can quickly track down what service is attempting to make an external connection, what remote IP or URL it is communicating with, and over what port. The results can be combined with some google searches to get a complete picture. I find it easier than trying to interpret the netstat command line results.
The color scheme is tricky. Red means a connection is about to close, green means a connection was just opened, and yellow means a connection has just refreshed. Notice the green bar in the picture below.
By default, a task will only run when a user is logged in. If you want to run a task after hours or over night, you will need to select “run whether the user is logged in or not” and “run with highest privilege’s”, so it runs in admin mode. Finally, you will need to add the user to the local admin group.
Some blog posts will say, you still can get a task to run if a regular user is not logged in. You can add the user to the local security group policy under “logon as a batch job” by going to secpol.msc, security settings, user rights assignment, logon as batch job, and add the user. I tested this multiple times and could not get this method to work when attempting to run a PowerShell script. Perhaps, this only works for true batch scripts.
Let’s assume, I want to run a PowerShell script every hour of every day (i.e. 24 x7). First, check if your user is a local administrator. Go to Computer management, system tools, local users and groups, administrators. Verify he is included.
Run the task scheduler and select create a task.
General Tab
Configure the Name, User account, Run whether the users is logged on or not, and Run with highest privileges, as it needs to run in admin mode when the user is logged out. Next, select Configure for Windows 10.
Triggers Tab
Select to run starting at 1:00 PM, every hour, and verify the task is enabled.
Action Tab
The script must be stored under the local user’s profile to get it to execute!!i.e. C:\users\username\tasks\yourscript.ps1.
A common task to perform is when you have data in a text file and you need to copy and paste the data into excel and then split the date into columns. Unfortunately, when you do this it will put all the date in a single column. You have to then split out the date into columns using the below method.
Process
Highlight and copy date from notepad.
Paste data into excel. All data will be pasted into the first column only!
Select data, text to column, delimited, and then next.
Select the items you want to use as separators, usually tabs and spaces. Then hit next or finish.
