Server Preparation¶
Windows 10¶
WinRM HTTP¶
To add HTTP access, follow these steps:
-
Run Command Prompt as administrator:
-
Enter
winrm qccommand:
-
If this command fails (as in the screenshot below), you need to change the network to
Private / Domain:
3.1 Right-click on the icon networks in the lower right corner, then -
Open Network & Internet Settings:
3.2 Change network to Private via
Change connection properties:
WinRM HTTPS¶
To add HTTPS access, you need follow all the steps, as for the HTTP protocol (above), and run the commands in PowerShell as an administrator:
$ip="192.168.137.169" # your ip might be different
$c = New-SelfSignedCertificate -DnsName $ip `
-CertStoreLocation cert:\LocalMachine\My
winrm create winrm/config/Listener?Address=*+Transport=HTTPS "@{Hostname=`"$ip`";CertificateThumbprint=`"$($c.ThumbPrint)`"}"
netsh advfirewall firewall add rule name="WinRM-HTTPS" dir=in localport=5986 protocol=TCP action=allow
Windows Server¶
Winrm Protocol is enabled by default on Windows Servers, but you need to update one rule in firewall.
In Windows Firewall with Advanced Security for Inbound Rule you need to find a Windows Remote Management (HTTP-In) rule and in Scope select Any IP address in the Remote IP Address section.
Note
To add HTTPS access for Windows Server, follow the same steps as for Windows 10.
Linux¶
To add a Linux server, two types of SSH authentication can be used:
- by Password
- by SSH key
SSH password authentication¶
To add password access, enter a valid VM password in the Password field.
SSH key pair authentication¶
To add access using an SSH key, you must perform the following steps:
-
Connect to the VM in any way and go to Terminal.
-
Generate a key pair using the command:
-
Enter the command:
-
Paste the copied key into the file:
cat /tmp/compliance_key.pub >> ~/.ssh/authorized_keys -
Copy the private key using the
cat /tmp/compliance_keycommand and paste when connecting the server to Compliance.