darkoperator / Posh-SSH

PowerShell Module for automating tasks on remote systems using SSH
BSD 3-Clause "New" or "Revised" License

If there is a keyfile, please support root@10.0.0.1 without -credential #325

Open guijunhua opened 4 years ago

guijunhua commented 4 years ago

I want to use it to write a PS script. Is there any way, if I have a keyfile, to just not use -credential? A user name is enough.

barky11 commented 4 years ago

If you want to use a username and keyfile, you still need to use -credential, but you leave your password variable empty. Here are the commands.

```powershell
$username="root"
$nopasswd = new-object System.Security.SecureString
$credential = New-Object System.Management.Automation.PSCredential ($username,$nopasswd)
New-SSHSession -computername <IP/Hostname> -credential $credential -Keyfile
```

darkoperator commented 4 years ago

That is a very very bad practice to have keys without a passphrase to protect them

dreamorosi commented 4 years ago

@darkoperator 100% agree with you, but I think it should be up to the user to enforce this.

We don't always create/control the key unfortunately and it would be useful if this use case would be supported, perhaps with a notice in the documentation that says "this is not advised".

benh57 commented 2 years ago

Would be great if this were documented since the PowerShell syntax to do this is not common.

darkoperator commented 2 years ago

Yep, should document it better. The bad practice of no passphrase is used a lot for keys, even for root. Seen it abused a lot in recent ransomware attacks and some crypto miner malware campaigns; did not think it was so widespread.
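
The passphrase concern raised in this thread can be checked before a key file is handed to New-SSHSession. The following is an added example, not part of the thread or of Posh-SSH's own code; `Test-SshKeyEncrypted`, the key path and `host.example` are hypothetical names chosen for illustration.

```powershell
# Added example: report whether a private key file is passphrase-protected.
function Test-SshKeyEncrypted {
    [CmdletBinding()]
    param([Parameter(Mandatory)][string]$Path)

    $text = Get-Content -LiteralPath $Path -Raw

    # PKCS#8: the PEM label itself states whether the key is encrypted.
    if ($text -match '-----BEGIN ENCRYPTED PRIVATE KEY-----') { return $true }
    if ($text -match '-----BEGIN PRIVATE KEY-----')           { return $false }

    # New OpenSSH format: the cipher name follows the "openssh-key-v1\0" magic.
    if ($text -match '(?s)-----BEGIN OPENSSH PRIVATE KEY-----(.+?)-----END OPENSSH PRIVATE KEY-----') {
        $bytes = [Convert]::FromBase64String(($Matches[1] -replace '\s', ''))
        if ([Text.Encoding]::ASCII.GetString($bytes, 0, 14) -ne 'openssh-key-v1') {
            throw "Bad OpenSSH key magic in $Path"
        }
        # Bytes 15..18: big-endian uint32 length of the cipher name that follows.
        $len = ([int]$bytes[15] -shl 24) -bor ([int]$bytes[16] -shl 16) -bor
               ([int]$bytes[17] -shl 8) -bor [int]$bytes[18]
        $cipher = [Text.Encoding]::ASCII.GetString($bytes, 19, $len)
        return ($cipher -ne 'none')   # "none" means the key is stored in the clear
    }

    # Legacy PEM (RSA/DSA/EC): encrypted keys carry a Proc-Type header.
    if ($text -match '-----BEGIN (RSA|DSA|EC) PRIVATE KEY-----') {
        return ($text -match 'Proc-Type:\s*4,ENCRYPTED')
    }

    throw "Unrecognised private key format: $Path"
}

# Constructed usage: the key path and host name below are placeholders.
$key = Join-Path $HOME '.ssh\id_key'
if (Test-SshKeyEncrypted -Path $key) {
    # With -KeyFile, Posh-SSH uses the credential's password as the key passphrase.
    $cred = Get-Credential -UserName 'root' -Message 'Enter the key passphrase'
    New-SSHSession -ComputerName 'host.example' -Credential $cred -KeyFile $key
} else {
    Write-Warning "$key has no passphrase. Add one with: ssh-keygen -p -f `"$key`""
}
```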