README
¶
gowinrm
gowinrm is a Go client for the Windows Remote Management (WinRM) service.
gowinrm learns inspiration from the following library:
Requirements
Usage
hostname := "192.168.1.37"
username := "Administrator"
password := "123qweASD"
// read server cert.pem
serverPemCerts, err := ioutil.ReadFile("winrm-cert.pem")
if err != nil {
panic(err)
}
// create a ssp
ssp := gowinrm.NewBasicSSP(username, password, hostname, true, gowinrm.NewSecurity().WithServerCAs(serverPemCerts))
// create a session
session := gowinrm.NewSession(ssp)
defer session.Close()
// create a result command
cmd, err := session.NewResultCommand(gowinrm.Command, "netstat", "-ano")
defer cmd.Close()
if err != nil {
panic(err)
}
// create stdout and stderr Writer to receive the execution
stdoutReader, stdoutWriter := io.Pipe()
defer stdoutWriter.Close()
stderrReader, stderrWriter := io.Pipe()
defer stderrWriter.Close()
// print stdout
go func() {
bytes := make([]byte, 1<<20)
for {
size, err := stdoutReader.Read(bytes)
if size != 0 {
os.Stdout.Write(bytes[:size])
}
if err != nil {
if err == io.EOF {
break
} else {
panic(err)
}
}
}
}()
// print stderr
go func() {
bytes := make([]byte, 1<<20)
for {
size, err := stderrReader.Read(bytes)
if size != 0 {
os.Stderr.Write(bytes[:size])
}
if err != nil {
if err == io.EOF {
break
} else {
panic(err)
}
}
}
}()
cmd.Receive(map[string]io.Writer{
"stdout": stdoutWriter,
"stderr": stderrWriter,
})
Transports
Testing
- Access Windows host to run the following command:
# from PowerShell
> wget -o ConfigureWinRM.ps1 https://raw.githubusercontent.com/thxCode/gowinrm/master/test/manual/ConfigureWinRM.ps1
> .\ConfigureWinRM.ps1 -LogLevel 0 -NewCertForce -AuthBasic -SkipEncryptedService -HostIP 192.168.1.52 -AuthCertificate -AuthCertificateUser thxcode
Now, the WinRM service is enabled, both HTTP and HTTPS can access. At the same time, we enable the basic authentication, certificate authentication and unencrypted service of WinRM.
> ls
Mode LastWriteTime Length Name
---- ------------- ------ ----
-a---- 4/27/2018 12:54 AM 28781 ConfigureWinRM.ps1
-a---- 4/27/2018 12:55 AM 1234 winrm-client-thxcode-cert.pem
-a---- 4/27/2018 12:55 AM 1920 winrm-client-thxcode-key.pem
-a---- 4/27/2018 12:55 AM 1238 winrm-server-cert.pem
Please overwrite all *.pem files in path/to/gowinrm/test/e2e.
- Use osni/ginkgo to test:
$ go get -u github.com/onsi/ginkgo/ginkgo
$ go get -u github.com/onsi/gomega/...
$ cd path/to/gowinrm/test/e2e
$ ginkgo -v
Setup WinRM
See "Using OverThere to control a Windows Server from Java" for information about how to setup WinRM.
For convenience, we provide a PowerShell script, named ConfigureWinRM.ps1, to help you to setup WinRM easily:
> wget -o ConfigureWinRM.ps1 https://raw.githubusercontent.com/thxCode/gowinrm/master/test/manual/ConfigureWinRM.ps1
- Enable WinRM over HTTP and HTTPS with self-signed certificate (includes firewall rules):
> .\ConfigureWinRM.ps1 -LogLevel 0
- Enable WinRM only over HTTP for test usage (includes firewall rules):
> .\ConfigureWinRM.ps1 -LogLevel 0 -SkipSSL -SkipEncryptedService
- Enable WinRM basic authentication. For domain users, it is necessary to use NTLM, Kerberos or CredSSP authentication (Kerberos and NTLM authentication are enabled by default CredSSP isn't):
> .\ConfigureWinRM.ps1 -LogLevel 0 -AuthBasic
github.com/thxcode/gowinrm isn't supported Kerberos and CredSSP authentication now.
- Enable WinRM CredSSP authentication. This allows double hop support so you can authenticate with a network service when running command son the remote host:
> .\ConfigureWinRM.ps1 -LogLevel 0 -AuthBasic:$false -AuthCredSSP
Documentation
¶
Index ¶
- Variables
- func AuthHttpRequestWrapperFactory() transport.HttpRequestWrapper
- func ChallengeHttpRequestWrapperFactory(username, password string) transport.HttpRequestWrapper
- func NewBasicSSP(username, password string, host string, useTLS bool, security *Security) *transport.SSPImpl
- func NewCertificateSSP(host string, security *Security) *transport.SSPImpl
- func NewNtlmSSP(username, password string, host string, security *Security) *transport.SSPImpl
- type Security
- func (s *Security) Error() error
- func (s *Security) HasError() bool
- func (s *Security) WithClientCert(clientCertPem []byte, clientKeyPem []byte) *Security
- func (s *Security) WithServerCAs(serverCAsPem []byte) *Security
- func (s *Security) WithoutSSL() *Security
- func (s *Security) WithoutVerify() *Security
- type Session
- func (s *Session) Close() error
- func (s *Session) NewInteractiveCommand(shellType ShellType, cmdExpression string, arguments ...string) (*transport.InteractiveCommand, error)
- func (s *Session) NewResultCommand(shellType ShellType, cmdExpression string, arguments ...string) (*transport.ResultCommand, error)
- type ShellType
Constants ¶
This section is empty.
Variables ¶
View Source
var (
UTF16LeEncoder = unicode.UTF16(unicode.LittleEndian, unicode.IgnoreBOM).NewEncoder()
)
Functions ¶
func AuthHttpRequestWrapperFactory ¶
func AuthHttpRequestWrapperFactory() transport.HttpRequestWrapper
func ChallengeHttpRequestWrapperFactory ¶
func ChallengeHttpRequestWrapperFactory(username, password string) transport.HttpRequestWrapper
func NewBasicSSP ¶
func NewBasicSSP(username, password string, host string, useTLS bool, security *Security) *transport.SSPImpl
Create a Basic Security Support Provider
func NewCertificateSSP ¶
Create a Certificate Security Support Provider
Types ¶
type Security ¶
func NewSecurity ¶
func NewSecurity() *Security
func (*Security) WithClientCert ¶
func (*Security) WithServerCAs ¶
func (*Security) WithoutSSL ¶
func (*Security) WithoutVerify ¶
type Session ¶
type Session struct {
// contains filtered or unexported fields
}
func NewSession ¶
func (*Session) NewInteractiveCommand ¶
func (*Session) NewResultCommand ¶
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.