5 PowerShell remote execution

The ability to execute remote PowerShell commands is not only essential for recurring automations but is also a powerful tool to have in your arsenal for ad-hoc situations. Just think back on your career and remember times when you needed to gather large-scale information about your environment or apply a change across multiple servers at once. You will quickly realize this is a common situation for any IT department. And in some cases, especially security-related ones, time can be of the essence. Therefore, before these situations arise, you will want to have PowerShell remoting set up and know how to adapt your scripts for remote execution.

For instance, in May of 2021, security researchers identified vulnerabilities in several Visual Studio Code (VS Code) extensions. While discovering installed versions of VS Code may be simple, finding the installed extensions can present a significate challenge. This is because extensions are installed at the user level and not the system level. Therefore, a lot of scanning tools will not pick them up. Fortunately, all VS Code extensions contain a vsixmanifest file, which we can search for and read to identify installed extensions.

5.1 PowerShell remoting

5.1.1 Remote Context

5.1.2 Remote Protocols

5.1.3 Persistent Sessions

5.2 Script considerations for remote execution

5.2.1 Remote execution scripts

5.2.2 Remote execution control scripts

5.3 PowerShell remoting over WS-Management (WSMan)

5.3.1 Enable WSMan PowerShell remoting

5.3.2 Permissions for WSMan PowerShell remoting

5.3.3 Execute commands with WSMan PowerShell remoting

5.3.4 Connect to the desired version of PowerShell

5.4 PowerShell remoting over SSH

5.4.1 Enable SSH PowerShell remoting

5.4.2 Authenticating with PowerShell and SSH

5.4.3 SSH environment considerations

5.4.4 Execute commands with SSH PowerShell remoting

5.5 Hypervisor-based remoting

5.6 Agent-based remoting

5.7 Setting yourself up for success with PowerShell remoting

5.8 Summary