Powershell Remoting with Basic Auth

This topic contains 3 replies, has 3 voices, and was last updated by  Don Jones 2 years, 3 months ago.

  • Author
  • #36989

    Jason Beckett

    For various reasons beyond my control I can't use Kerberos authentication in powershell remoting. I'm am trying to use basic auth but I keep running in to road blocks and need guidance on the right config.

    Through group policy I have the windows remote management firewall rules deployed. Also through policy I have the windows remote management service turned on and the "allow remote server management through WinRM" policy enabled.

    However, I'm getting the following error:
    Connecting to remote server SERVERNAME failed with the following error message : The WinRM client cannot process the request. Unencrypted traffic is currently disabled in
    the client configuration. Change the client configuration and try the request again.

    So I guess I need to either use SSL which I'm not finding good documentation on or... what I'm not sure. Appreciate any input the forum can provide.

  • #36990

    Dave Wyatt

    Why not use NTLM? You get that with the "-Authentication Negotiate" option, and then you don't need to worry about SSL. (You'll actually wind up with an encrypted remoting session anyway, at that point.)

    If you use basic auth, then everything, including your username / password, will be sent in plain text over the network, and at that point you would absolutely need SSL.

  • #36991

    Jason Beckett

    Good tip. I'll do that. Thanks.

  • #36999

    Don Jones

    Also, check out "secrets of powershell remoting," our free ebook on the subject.

You must be logged in to reply to this topic.