Skip to content

Instantly share code, notes, and snippets.

@nordineb

nordineb/README.md

Last active July 9, 2018 12:48
Show Gist options
  • Save nordineb/6e1e53ef9831680b49819734198fc9cf to your computer and use it in GitHub Desktop.
Save nordineb/6e1e53ef9831680b49819734198fc9cf to your computer and use it in GitHub Desktop.
Download ZIP
Request Just-In-Time access to a VM and then start a powershell remote session
Raw
README.md

My recipe to:

  1. Request Just in time virtual machine (VM) access
  2. Start a PowerShell remote session to the VM

PowerShell Remoting over HTTP (unsecure!)

On the server

Start a Powershell CLI with elevated rights:

Enable-PSRemoting -SkipNetworkProfileCheck -Force
Set-NetFirewallRule –Name "WINRM-HTTP-In-TCP-PUBLIC" –RemoteAddress 172.0.0.0/8

On the client

Start a PowerShell CLI with elevated rights:

Install-Module Azure-Security-Center -Force
Start-Service WinRM; Get-Service WinRM
Set-Item WSMan:\localhost\Client\TrustedHosts -value 172.* -Force; Get-Item WSMan:\localhost\Client\TrustedHosts
sc.exe config WinRM start= "delayed-auto"

Start a new PowerShell CLI:

Login-AzureRmAccount
Import-Module Azure-Security-Center

# powershell remoting over HTTP TCP/5985
Invoke-ASCJITAccess -ResourceGroupName XXXRG -VM TEST-IIS-VM -Port 5985 -Hours 1

$DNS = Resolve-DnsName -Name MyServer.MyDomain.Tech
Enter-PSSession -ComputerName $DNS.IPAddress -Credential $cred
$TargetSession = New-PSSession -ComputerName HALOMEM03
Copy-Item -ToSession $TargetSession -Path D:\tcping64.exe -Destination d:\ -Recurse

Enable file sharing (c$)

dism /online /enable-feature /featurename=File-Services

PowerShell Remoting over HTTPS (secure!)

todo...

  • Open port 5986 on the server
  • request access to port 5986
  • create certificate on the server and import in locally
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment