Using WS-Management to get a Remote Shell on Server Core
Over the last two weeks I must have built, tore down, and rebuilt my test lab 8 times. I've been experimenting with every option I can come up with for my Hyper-V install to test performance, admin tools, and searching out answers to a variety of questions from customers I met with over the last few weeks. I have a new favorite command:
winrs -r:<target> cmd
In the first couple of go-rounds I was enabling RDP on the Server Core machine. RDP to the Server Core instance, then run command lines. This works fine but if I am just going to use the command line, wouldn't it be better to use a remote shell? I could enable Subsystem for Unix Applications and install the Interops OpenSSH package so I could use Putty, but then I came across an interesting section in the step-by-step guide:
To manage a server running a Server Core installation by using the Windows Remote Shell
1. To enable Windows Remote Shell on a server running a Server Core installation, type the following command at a command prompt:
WinRM quickconfig
2. On another computer, at a command prompt, use WinRS.exe to run commands on a server running a Server Core installation. For example, to perform a directory listing of the Windows folder, type:
winrs -r: <ServerName> dir c:\windows
Where:
ServerName is the name of the server running a Server Core installation.
Note:
The WinRM quickconfig setting enables a server running a Server Core installation to accept Windows Remote Shell connections. This setting can also be set in an unattend file. See the example in Appendix A at the end of this document.
Important:
For more information about using different security credentials to run commands, see the command-line help for WinRS.exe by typing winrs -? at a command prompt.
Well this is new to me. Running WinRM Quickconfig is considerably fewer keystrokes then enabling RDP using scregedit.wsf and the quickconfig command has the added benefit of handling creation of firewall exceptions. So in two words I can get remote access to the machine? Sweet!
I need more info, what else should I know about WinRM? I started running through the winrm and winrs command help outputs. Interesting info:
C:\Users\migreene>winrm help
Windows Remote Management Command Line ToolWindows Remote Management (WinRM) is the Microsoft implementation of
the WS-Management protocol which provides a secure way to communicate
with local and remote computers using web services.
and also in regards to security, the winrs command has an option for traffic encryption:
-un[encrypted] - Specify that the messages to the remote shell will not be encrypted. This is useful for troubleshooting, or when the network traffic is already encrypted using ipsec, or when physical security is enforced. By default the messages are encrypted using Kerberos or NTLM keys. This switch is ignored when HTTPS transport is selected.
Yes, you can even assign a cert to WinRM so you can winrs to an https:// address over SSL, but I am sticking with the default Kerb SSP. Further, you can require certificate authentication from clients if you prefer multi-factor auth.
I've been testing winrs from my domain joined admin machine. I have also been using it to admin my test lab from my work machine, a member of a different forest, by using -u and -p to provide a separate set of credentials. Originally I had been executing commands via winrs directly, then I decided it would be nice to just have a remote shell shortcut pinned to the Start Menu, so I created a batch file to run:
Start /w winrs -r:<target> cmd
I put the file in my documents folder and a shortcut on the start menu. Now I can launch at any time and get remote access.
Caveat!
I've only run in to one issue thus far. The responsiveness of the remote shell is not great. In something with quick, verbose output such as robocopy, I only get new info back to the shell every half-second or so. I can easily live with it but it is not as "quick" feeling as being in an RDP session. You also cannot launch GUI apps such as timedate.cpl. No big surprise, just FYI.
I know, I know, command line administration, welcome back to the 70s... I'll just say this, the VMs I have running on my Server Core box are performing like well-tuned racing engines. I'm more than willing to run the occasional command line shutdown string if it means less maintenance and best of breed performance!