远程运行PowerShell命令的安全性?
[英]Security of running PowerShell command remotely?
问题描述
I'm new to PowerShell. 
我是PowerShell的新手。 I'm looking to run PowerShell command on a remote PC running Windows 7. 我希望在运行Windows 7的远程PC上运行PowerShell命令。
On the remote PC, I ran the following PowerShell commands: 在远程PC上,我运行以下PowerShell命令:
Enable-PSRemoting -Force
Set-Item WSMAN:\localhost\client\trustedhosts <host_ip>
Restart-Service WinRM
I performed the last two commands on the host PC (but using <remote_ip> ). 我在主机PC上执行了最后两个命令(但使用<remote_ip> )。
I confirmed this worked OK with: 我确认这可以正常工作:
Invoke-Command -ComputerName <name> -Credential <username> -ScriptBlock { Get-ChildItem C:\ }
My question: Is this secure on a public network? 我的问题:这在公共网络上安全吗? Should I be doing something else? 我应该做别的事情吗? Or should I be using SSL? 还是我应该使用SSL? If so, how do I go about this? 如果是这样,我该如何处理?
1 个解决方案
解决方案1
3 已采纳 2012-09-28 16:22:45
If you use the default authentication when using Invoke-Command the user is authenticated on the remote host using either NTLM or Kerberos. 如果在使用Invoke-Command时使用默认身份验证,则将使用NTLM或Kerberos在远程主机上对用户进行身份验证。 So I don't think you need to worry too much about the password being sniffed out on the network. 因此,我认为您不必担心网络上嗅探到的密码。 Also, by default, remoting endpoints can only be used by administrators on that machine. 同样,默认情况下,远程端点只能由该计算机上的管理员使用。 Finally, if you need to allow non-admins access, you can configure a remoting endpoint that is restricted. 最后,如果需要允许非管理员访问,则可以配置受限制的远程端点。 It can be restricted in the cmdlets available and it can be restricted in language capability. 可以在可用的cmdlet中对其进行限制,并且可以在语言功能方面对其进行限制。 This tutorial on remoting covers setting up a restricted session. 关于远程处理的本教程介绍如何设置受限会话。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.