使用 Http 连接到启用了 WinRM 的 Azure 虚拟机

Connect to Azure Virtual Machine with WinRM Enabled using Http

我可以使用 http://terraformrg.southeastasia.cloudapp.azure.com/ and it can't access with https://terraformrg.southeastasia.cloudapp.azure.com/(机器中没有 SSL)访问我的 azure 虚拟机 (windows)。但是我在这个虚拟机中为 https 启用了 443 端口。我在我的 VM 中看到了 http 和 https WinRM 侦听器 运行,即没有缩略图的 http 和有缩略图的 https。

My question is that can I connect to my WinRM enabled azure VM using http? or is it a mandatory for https here?

关于启用 Azure VM WinRM,您应该将端口 5985 添加到 Azure VM 的 NSG 入站规则 并将端口 5985 添加到 windows 防火墙入站规则.

然后使用此脚本创建会话:

$username = 'user'
$pass = ConvertTo-SecureString -string 'password' -AsPlainText -Force
$cred = New-Object -typename System.Management.Automation.PSCredential -argumentlist $username, $pass
$s = New-PSSession -ConnectionUri 'http://xx.xx.xx.xx:5985' -Credential $cred -SessionOption (New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck)

希望对您有所帮助。

更新:

这是我的步骤:

WinRM 服务器:

PS C:\Users\jason> Enable-PSRemoting -force
PS C:\Users\jason> winrm quickconfig
WinRM service is already running on this machine.
WinRM is not set up to allow remote access to this machine for management.
The following changes must be made:

Configure LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

Make these changes [y/n]? y

WinRM has been updated for remote management.

Configured LocalAccountTokenFilterPolicy to grant administrative rights remotely to local users.

客户:

PS C:\Users\jason> winrm set winrm/config/client '@{TrustedHosts = "13.78.103.201"}'
Client
    NetworkDelayms = 5000
    URLPrefix = wsman
    AllowUnencrypted = false
    Auth
        Basic = true
        Digest = true
        Kerberos = true
        Negotiate = true
        Certificate = true
        CredSSP = false
    DefaultPorts
        HTTP = 5985
        HTTPS = 5986
    TrustedHosts = 13.78.103.201

PS C:\Users\jason> $username = 'jason'
PS C:\Users\jason> $pass = ConvertTo-SecureString -string '122130869@qq' -AsPlainText -Force
PS C:\Users\jason> $cred = New-Object -typename System.Management.Automation.PSCredential -argumentlist $username, $pass
PS C:\Users\jason> $s = New-PSSession -ConnectionUri 'http://13.78.103.201:5985' -Credential $cred -SessionOption (New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck)

PS C:\Users\jason> Enter-PSSession -ConnectionUri 'http://13.78.103.201:5985' -Credential $cred
[13.78.103.201]: PS C:\Users\jason\Documents>
[13.78.103.201]: PS C:\Users\jason\Documents>
[13.78.103.201]: PS C:\Users\jason\Documents>

注意:将端口 5985 添加到 NSG 入站规则和 windows 防火墙设置。