$password = ConvertTo-SecureString 'Paper123!@#' -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential('INTRANET\sysadmin', $password)

Write-Host "Checking SSH Configuration on AD2..." -ForegroundColor Cyan
Write-Host ""

Invoke-Command -ComputerName 192.168.0.6 -Credential $cred -ScriptBlock {
    Write-Host "[1] Checking private key..." -ForegroundColor Yellow
    $keyFile = "$env:USERPROFILE\.ssh\id_ed25519"
    if (Test-Path $keyFile) {
        $keyContent = Get-Content $keyFile -Raw
        if ($keyContent -match "ENCRYPTED") {
            Write-Host "  [WARNING] Private key is ENCRYPTED (requires passphrase)" -ForegroundColor Red
        } else {
            Write-Host "  [OK] Private key appears to be unencrypted" -ForegroundColor Green
        }
        Write-Host "  First line: $(($keyContent -split "`n")[0])" -ForegroundColor Gray
    }

    Write-Host ""
    Write-Host "[2] Checking SSH config..." -ForegroundColor Yellow
    $sshConfig = "$env:USERPROFILE\.ssh\config"
    if (Test-Path $sshConfig) {
        Write-Host "  SSH config exists:" -ForegroundColor Green
        Get-Content $sshConfig | ForEach-Object { Write-Host "    $_" -ForegroundColor Gray }
    } else {
        Write-Host "  No SSH config file" -ForegroundColor Gray
    }

    Write-Host ""
    Write-Host "[3] Checking authorized_keys (what this machine authorizes)..." -ForegroundColor Yellow
    $authKeys = "$env:USERPROFILE\.ssh\authorized_keys"
    if (Test-Path $authKeys) {
        $keyCount = (Get-Content $authKeys | Where-Object { $_ -notmatch "^#" -and $_ -ne "" }).Count
        Write-Host "  $keyCount authorized keys found" -ForegroundColor White
    }

    Write-Host ""
    Write-Host "[4] Checking public key..." -ForegroundColor Yellow
    $pubKey = "$env:USERPROFILE\.ssh\id_ed25519.pub"
    if (Test-Path $pubKey) {
        $pubContent = Get-Content $pubKey
        Write-Host "  Public key: $($pubContent.Substring(0, [Math]::Min(50, $pubContent.Length)))..." -ForegroundColor Gray
    }

    Write-Host ""
    Write-Host "[5] Checking SSH agent..." -ForegroundColor Yellow
    $sshAgent = Get-Service ssh-agent -ErrorAction SilentlyContinue
    if ($sshAgent) {
        Write-Host "  SSH Agent service: $($sshAgent.Status)" -ForegroundColor $(if ($sshAgent.Status -eq "Running") { "Green" } else { "Yellow" })
    } else {
        Write-Host "  SSH Agent service not found" -ForegroundColor Yellow
    }

    Write-Host ""
    Write-Host "[6] Testing if key is loaded in agent..." -ForegroundColor Yellow
    $sshAdd = & "C:\Program Files\OpenSSH\ssh-add.exe" -l 2>&1
    Write-Host "  ssh-add -l result: $sshAdd" -ForegroundColor Gray
}