azure-storage-account windows-server-2022

windows S2022 net use cannot accept Azure storage key because it starts with slash AND sshd limitations


I wish to attach a network drive/share from a session created via sshd. The drive was originally created with the standard Powershell connect script provided on the "Connect" tab as executed in a Powershell window in RDP. The drive persists and the W2022 instance can be stopped and restarted and Z: drive reappears in Powershell windows launched inside RDP. My question concerns connecting to Z: from shells launched from sshd.

The command

    net use Z: \\myStorageAcct.file.core.windows.net\xfer /user:myStorageAcct

prompts for a password and I enter the storage account secret key -- which starts with a slash -- and everything works. The net use command can take the password on the command line but I cannot figure out how to pass the password without net use interpreting the password as an option, e.g.:

    net use Z: \\myStorageAcct.file.core.windows.net\xfer /user:myStorageAcct   /CMA33FV...==
    The option /CMA33FV...== is unknown

I am open to Powershell tricks or a util other than net use to attach the drive.

EDIT

Important constraint: Sessions created with sshd cannot use the standard Powershell script that appears in the "Connect" tab of the file share. In particular, the cmdkey exec produces this error:

    CMDKEY: Credentials cannot be saved from this logon session.

Solution

  • Logging in with either name+password or a keypair via sshd yields a restricted session that requires additional authentication to access remote resources. One way or another, you will have to provide credentials to attach the drive. These can be supplied in a script, the environment, a key vault, etc. but the essence of the solution is:

    $username = "myStorageAcct"
    
    # Not the session login; this is the storage account secret key:
    $password = "/CMA43ydVvM4N..."
    
    $secureStringPwd = $password | ConvertTo-SecureString -AsPlainText -Force
    
    #  The Juice:
    $creds = New-Object System.Management.Automation.PSCredential -ArgumentList $username, $secureStringPwd
    New-PSDrive -Name Z -PSProvider FileSystem -Root "\\myStorageAcct.file.core.windows.net\myShareName" -Credential $creds
    

    By specifying a credential object, New-PSDrive avoids the leading slash problem encountered with net use where the password is mistaken for an option.
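
A variant of the approach above that keeps the storage key out of the script by reading it from an environment variable and clearing it after the mount attempt. This is an added example, not part of the original post; the function name `Mount-AzureShare` and the variable name `AZ_FILES_KEY` are assumptions.

```powershell
# Added example (not from the original post). Mount-AzureShare and AZ_FILES_KEY
# are hypothetical names chosen for illustration.
function Mount-AzureShare {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $StorageAccount,
        [Parameter(Mandatory)] [string] $ShareName,
        [string] $DriveName   = 'Z',
        [string] $KeyVariable = 'AZ_FILES_KEY'
    )

    $hostName = '{0}.file.core.windows.net' -f $StorageAccount
    $root     = '\\{0}\{1}' -f $hostName, $ShareName

    # Reuse an existing mapping instead of failing on a duplicate drive name.
    $existing = Get-PSDrive -Name $DriveName -PSProvider FileSystem -ErrorAction SilentlyContinue
    if ($existing) { return $existing }

    # Azure Files is reached over SMB (TCP 445); fail early if it is blocked.
    if (-not (Test-NetConnection -ComputerName $hostName -Port 445 -InformationLevel Quiet)) {
        throw "Cannot reach $hostName on TCP 445."
    }

    # Read the key from the process environment rather than a literal in the script.
    $key = [Environment]::GetEnvironmentVariable($KeyVariable, 'Process')
    if ([string]::IsNullOrEmpty($key)) {
        throw "Environment variable $KeyVariable is not set."
    }

    try {
        # The key travels inside a credential object, so a leading '/' is never
        # parsed as a command-line switch.
        $secure = ConvertTo-SecureString -String $key -AsPlainText -Force
        $creds  = New-Object System.Management.Automation.PSCredential -ArgumentList $StorageAccount, $secure
        New-PSDrive -Name $DriveName -PSProvider FileSystem -Root $root `
                    -Credential $creds -Scope Global -ErrorAction Stop
    }
    finally {
        # Drop the plaintext copy from this process once the mount was attempted.
        [Environment]::SetEnvironmentVariable($KeyVariable, $null, 'Process')
        Remove-Variable -Name key -ErrorAction SilentlyContinue
    }
}

# Usage, with the placeholder names from the post:
# Mount-AzureShare -StorageAccount 'myStorageAcct' -ShareName 'myShareName'
```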