# Environment Setup

## Machines

| Role | IP | Details |
|------|-----|---------|
| Host (Illiac) | 192.168.1.119 | Physical machine, user sits here |
| Linux guest | 192.168.1.164 | Claude Code runs here, user: harry |
| Windows guest | 192.168.1.102 | hostname: ops, user: bradmin, pass: tyc921202 |

Both guests accessed via noVNC from host. Clipboard doesn't work well.

## How to Manage Windows Remotely

```
sshpass -p 'tyc921202' ssh -o StrictHostKeyChecking=no bradmin@192.168.1.102 "command"
```

- Default shell is PowerShell — use `;` not `&&` to chain commands
- sshd manually registered: `sc.exe create sshd binPath= "C:\Windows\System32\OpenSSH\sshd.exe" start= auto`
- Windows has SSH key auth back to Linux (bradmin@ops key in harry's authorized_keys)

## Proxy Chain (Internet Access)

```
Windows browser
  → HTTP proxy (Privoxy 192.168.1.164:8119)
    → SOCKS5 proxy (autossh 127.0.0.1:8118, service: poly-tunnel)
      → poly-proxy remote server
        → internet
```

- **autossh tunnel**: systemd service `poly-tunnel`, `-D 8118`, enabled on boot
- **Privoxy**: listens on 127.0.0.1:8119 and 192.168.1.164:8119, forwards via `forward-socks5t` to 127.0.0.1:8118, enabled on boot
- **Windows proxy**: registry `HKCU:\...\Internet Settings` ProxyServer=192.168.1.164:8119, persists across reboot
- **Linux curl**: use `-x socks5h://127.0.0.1:8118`

## Key Gotchas

- Privoxy must use `forward-socks5t` (not `forward-socks5`) for HTTPS to work
- Chrome must be fully closed before relaunching with `--proxy-server` flags
- Don't kill all SSH processes on Windows — it kills the user's SSH session too
- Windows was on a domain whose DC is gone — domain-dependent services may fail
- NTP reconfigured to ntp.aliyun.com (old domain DC gone)