none
Powershell: How secure is the using of -credentials or -computername at remote powershell commands? RRS feed

  • Frage

  • Hi,
    I would like to know if the use of following commands a security problem?
    Get-HotFix -ComputerName PC01    (Execute as member of lokal Admingroup from remote PC\Server)
    or
    Get-Hotfix -ComputerName PC01 -Credentials $cred   (Also member of lokal Admingroup)

    Would the credentials stored on the target system?
    Keyword Pass-the-hash etc.?

    I found some informationen about reusable credentials here:
    Link
    But not about the using of Powershell commands with -Credentials or -Computernname....

    It would be great if have someone a link or can explain if or if this not a problem.

    Best Regards,
    Coyo
    Montag, 21. Oktober 2019 21:01

Alle Antworten

  • Hi,

    Thanks for your question.

    I think your variable $cred is the System.Management.Automation.PSCredential type object. And the password word has been converted to securestring. Also it will only stored in the current powershell session, If you exit the current powershell session, it will be deleted.

    Also, Remoting Does Not Transmit or Store Credentials.

    By default, Remoting uses Kerberos, an authentication protocol that does not transmit passwords across the network. Instead, Kerberos relies on passwords as an encryption key, ensuring that passwords remain safe. Remoting can be configured to use less-secure authentication protocols (such as Basic), but can also be configured to require certificate-based encryption for the connection.

    Further, Remoting never stores credentials in any persistent storage by default. A Remote machine never has access to a user’s credentials; it has access only to a delegated security token (a Kerberos “ticket”). That is stored in volatile memory which cannot, by OS design, be written to disk - even to the OS page file. The server presents that token to the OS when executing commands, causing the command to be executed with the original invoking user’s authority - and nothing more.

    Please refer the book 《Secrets of PowerShell Remoting》:

    https://leanpub.com/secretsofpowershellremoting/read#leanpub-auto-remoting-does-not-transmit-or-store-credentials

    Best regards,

    Lee


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact

    Mittwoch, 23. Oktober 2019 08:20
  • Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Lee

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Freitag, 8. November 2019 13:28