Ansible - Kerberos message encryption to enable WinRM
Kerberos message encryption was just released for pywinrm, and it’s a great time to be alive.
With this, if you don’t have a fully deployed certificate architecture, you can still have encrypted messages flying around while using the WinRM easy-mode of http over tcp/5985. If you’re not using windows 10, just skip the WSL install portion.
If you have any problems, feel free to email me: firstname.lastname@example.org
Current environment looks like the following:
Windows Subsystem for Linux (WSL) - upgraded to ubuntu 16.04
Python 3.5 / pip3
Domain joined computer, configured krb5.conf
Let’s get started.
Install WSL #
Open Powershell, and run:
Make sure you’re on ubuntu 16.04:
If you’re still on 14.04, be aware of the following:
Continue reading →