Right…. There’s a lot of articles online how to setup remote PowerShell or how to configure remote PowerShell. I have found that all articles on how to setup remote PowerShell are not all complete. As in there’s some information there, different parts of information all over the place across different posts and not in the complete order and/or missing steps.
You need Remote PowerShell to administer Windows servers and these days with PowerShell, you can do everything and anything with PowerShell, so remote PowerShell is a must. It’s even more so important now that the cloud is here and Azure is around who offer virtual machines with the port 5986 open by default.
Remote PowerShell is a little hard to setup and comes in two flavours, HTTP (port 5985) and HTTPS (port 5986). In the theme of security, this post will focus on the most secure way of setting up Remote PowerShell, port 5986 HTTPS with SSL. Also too, I am not focusing on domain based machines, I am focusing on just stock standard machines, machines not connected to the domain aka ‘workgroup’ servers.
First things first, you need to make a server signing certificate with a private key. Easiest and cheapest (free) way is to get copy of makecert and pvk2pfx available from here https://1drv.ms/f/s!ArtfJd5lMp6hg-YBwF-ezB_IJFDMMA.
Once you have these tools, you need to run:
makecert -sky exchange -r -n "CN=*.yourdomain.com" -pe -a sha1 -eku 22.214.171.124.126.96.36.199.1 -len 2048 -ss My -sr localmachine "MyCert.cer"
Use your best judgement here and change some things around as you see fit, this is an example only.
From here you import this certificate to the local machine and export the private key to a *.pfx file. Please note, the command above should add the certificate to the local computer certificate store for you. You will then need to add the root certificate authority certificate MyCert.cer (the one you just created) to the computer based trusted root store of the machine you are connecting from. I won’t go into the certificate stuff too deep here, but you should know most of this already.
Below is the the real stuff that this post focuses on, some PowerShell in which you can run on the machine that you want to connect to. Run the entire first region first (down to line 28) as long as you’re sure you have the correct information for the certificate line. Again, use your best judgement here and change some things around as you see fit, this is an example script only. This first region will reset WinRM completely and then setup it up for just HTTPS and add the Windows firewall rule to allow for the connection. The other stuff below the first region is there just for information purposes only which you might or might not benefit from or may not need at all.
After you run the above to configure remote PowerShell, you will need to connect. That’s a simple case of running the below PowerShell to connect to the remote machine. The script below is like a donut, there’s a top and tail, you can put what ever you like in the middle.