How can I connect to Windows Server using WinRM without password(like linux ssh authentication)?

[Jiwoong Lee]

Hi, all.

Now I can connect to Linux server without password, It just using SSH key.

And I need to connect Windows Server using WinRM but it need to Windows account and password.

How can I connect to Windows Server without password?

Please let me know any methods.

[renu jessi]

WinRM HTTPS Listener

The ConfigWinRMListenerPlugin configures a WinRM HTTPS listener with a self signed certificate generated on the spot and enables (optionally) basic authentication, which means that a secure communication channel can be established between any client and the server being provisioned, without the requirement of having both the client and the server in the same domain.  A firewall rule is added by cloudbase-init in the Windows firewall for TCP port 5986.

A this point you can login into your server. To begin with, don’t forget to add a rule to your security groups in OpenStack!

1	nova secgroup-add-rule default tcp 5986 5986 0.0.0.0/0

Get the admin password for the instance:

1	nova get-password yourinstance ~/.ssh/your_ssh_rsa_key

On your client connect to your instance as shown in the following PowerShell snippet:

1 2 3 4 5 6

$ComputerName = "yourserveraddress" # Provide your username and password (by default "Admin" and the password you just obtained) $c = Get-Credential $opt = New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck $session = New-PSSession -ComputerName $ComputerName -UseSSL -SessionOption $opt -Authentication Basic -Credential $c Enter-PSSession $session

[Jiwoong Lee]

Thanks for reply jessi,

I think your mentioned commands for openstack environment isn't it?

Could you please easily and further explain how can I connect to Ansible Server to Windows without password.

Thanks,

2020년 1월 16일 목요일 오후 3시 28분 25초 UTC+9, renu jessi 님의 말:

[Jordan Borean]

If using WinRM your only “password less” options are certificate based auth which is a massive pain to setup and I would not recommend it or Kerberos. With Kerberos you can use kinit before running Ansible to get a token that is then used for subsequent authentication. Kinit also works with a pre generated key tab so you don’t need to set the password.

A final option is to use SSH with Windows with key auth. This is a fairly recent feature and it may still have some bugs but it does work.

[Stu]

https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse

Openssh server on windows is fairly new but I've been able to ssh with key to a windows server and run PowerShell commands.