Fix Add-MachinePath to preserve registry value type and unexpanded variables (#819)

* Fix non-ASCII characters in OpenSSHUtils.psm1

* Fix Add-MachinePath to preserve registry value type and unexpanded variables

Refactor Add-MachinePath to avoid unintended modifications to the PATH registry value:

- Use GetValue() with DoNotExpandEnvironmentNames to preserve unexpanded environment variables (e.g., %SystemRoot%)
- Preserve original registry value type (REG_SZ vs REG_EXPAND_SZ) using GetValueKind()
- Keep original PATH entry values unchanged; normalization (expansion + backslash trimming) only used for duplicate detection
- Improve ShouldProcess implementation with proper message/prompt/description parameters for better -WhatIf/-Confirm support
- Enhance duplicate detection to compare expanded values, catching duplicates like C:\Windows\System32 vs %SystemRoot%\System32

* address comments

Author: emilvissing

contrib/win32/openssh/OpenSSHUtils.psm1

@@ -829,7 +829,7 @@ function Enable-Privilege {
     $type[0]::EnablePrivilege($Privilege, $Disable)
 }
 
-Function Add-MachinePath {
+function Add-MachinePath {
     [CmdletBinding(SupportsShouldProcess=$true, ConfirmImpact="High")]
     param
     (
@@ -838,13 +838,30 @@ Function Add-MachinePath {
     )
 
     if (Test-Path $FilePath) {
-        $machinePath = (Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH).Path
-        if (-not ($machinePath.ToLower().Contains("$FilePath;".ToLower()) -or $machinePath.ToLower().Contains("$FilePath\;".ToLower())))
-        {
-            $newPath = $FilePath + ’;’ + $machinePath 
-            Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH –Value $newPath
-            if ((Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH).Path -eq $newPath) {
-                Write-Host "Updated Machine PATH to include OpenSSH directory, restart/re-login required to take effect globally" -ForegroundColor Yellow
+        $regKey    = Get-Item -Path 'HKLM:\System\CurrentControlSet\Control\Session Manager\Environment'
+        $pathValue = $regKey.GetValue('PATH', '', 'DoNotExpandEnvironmentNames')
+        $pathType  = $regKey.GetValueKind('PATH')
+
+        # Normalize for comparison only (expand variables and trim trailing backslash)
+        $normalizedFilePath = [Environment]::ExpandEnvironmentVariables($FilePath).TrimEnd('\')
+        $normalizedEntries = $pathValue -split ';' |
+            Where-Object { -not [string]::IsNullOrWhiteSpace($_) } |
+            ForEach-Object { [Environment]::ExpandEnvironmentVariables($_.Trim()).TrimEnd('\') }
+
+        if ($normalizedEntries.Where({ $_ -ieq $normalizedFilePath }, 'First').Count -eq 0) {
+            $newPath = $FilePath + ';' + $pathValue
+
+            $message     = "Need to add the path to the Machine PATH environment variable."
+            $prompt      = "Shall I add '$FilePath' to Machine PATH?"
+            $description = "Add '$FilePath' to Machine PATH."
+
+            if ($PSCmdlet.ShouldProcess($description, $prompt, $message)) {
+                Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH -Value $newPath -Type $pathType
+
+                $verifyValue = (Get-Item -Path 'HKLM:\System\CurrentControlSet\Control\Session Manager\Environment').GetValue('PATH', '', 'DoNotExpandEnvironmentNames')
+                if ($verifyValue -eq $newPath) {
+                    Write-Host "Updated Machine PATH to include OpenSSH directory, restart/re-login required to take effect globally" -ForegroundColor Yellow
+                }
             }
         }
     }