-
Notifications
You must be signed in to change notification settings - Fork 150
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Including support for NTLM for the microsoft/docker container #124
Comments
relevant code # Required for gssntlmssp
RUN yum install -y epel-release
# Update now that we have epel-release
RUN yum update -y
# Install libraries for NTLM support
RUN yum install -y gssntlmssp |
What images would you expect to be fixed? centos obviously anything else? |
The code exists here: |
I mean I would expect you guys to fix anything you can? I mean, if you're going to do something why not do it well. |
To make it easier:
|
It's understandable if the ones that need building are not supported, but the ones with binary packages readily available is kind of silly to not support it in the "official" microsoft/powershell container. If y'all are concerned about tainting the regular docker containers with non-microsoft code, at the very least it'd be good to have an official microsoft/powershell container with ntlm support. (edited to fix a miswording) |
@arizvisa Also, finding the information on what the packages are called and how to install them is time consuming. Feel free to submit a PR and we can review your code and take it if the change in acceptable. We have to prioritize what issues we look into. Although a dev made me aware of this issue, he did not look into it even to the details that the quickbreach blog gives. I've asked @RDIL, a new contributor, to start looking into fixing Assuming you don't look at the other images, I'll leave the issue open and I'm sure we will test of PSRP remoting compatibility again in the future. After that, I can update the status of issues with which images are working with kerberos and which are not. |
I'll look into it :) |
CentOS is done. ✅ |
Cool. Nice one, RDIL. @TravisEz13, Yeah. I'm not really a fan of pwsh. I just think it's lame to build an official container and miss out on a key feature like remoting. There's literally hundreds of people asking how to get remoting to work from their machines. Pointing them at a container solves that problem.. Thanks for listening! |
I would be willing to fix the other OS’s if you guys want me to. |
|
@arizvisa FYI, we release new docker images (usually all) whenever we release a new version of PowerShell Core. It shouldn't be more than a week or two. |
I just found out that May have to revisit this using a 2 stages dockerfile to reduce container image size. @TravisEz13, can we skip the |
@kiazhi Yup, I updated your PR with the metadata to skip the tests |
Status update as of Yesterday:
|
Community Stable statuses:
|
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
I'm going to consider this done. |
If anyone needs ntlm on alpine - I put some instructions on how to build/install it from source.
|
As per PowerShell/PowerShell#8817, the
microsoft/docker
container does not support NTLM which makes it pretty limited against what you can invoke WinRM with. I was under the assumption that NTLM would be implemented as part of PowerShell or at the very least be included as part of the container.As per the blogpost at https://blog.quickbreach.io/ps-remote-from-linux-to-windows/, the container at https://hub.docker.com/r/quickbreach/powershell-ntlm/ includes the gssapi library that you need to include in order to include NTLM support.
Status
FYI, there are no plan to do functional validation for this.
Our efforts currently are focusing on SSH remoting.
The text was updated successfully, but these errors were encountered: