加密凭证，导出，然后导入 [英] Encrypt Credentials, Export, then Import

问题描述

我使用 Powershell 已经有一段时间了，但我不明白加密是如何工作的，甚至不确定我在阅读帮助文件时使用了正确的语法.

I've been working with Powershell for quite some time now but I don't understand how the encryption works, not even sure I'm using the right syntax from reading the help files.

#Get User Information
$User = Read-Host "Please enter your username"
$Password = Read-Host "Please enter your password. This will be encrypted" -AsSecureString | ConvertTo-SecureString -AsPlainText -Force

#Define a Key File
$KeyFile = "C:\Powershell\AES.key"
$Key = New-Object Byte[] 32
[Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($Key)
$Key | out-file $KeyFile

#Encrypt using AES
$PasswordFile = "C:\Powershell\Password.txt"
$KeyFile = "C:\Powershell\AES.key"
$Key = Get-Content $KeyFile
$Password | ConvertFrom-SecureString | Out-File $PasswordFile

#Set credentials to be called.
$myCredentials = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, (Get-Content $PasswordFile | ConvertTo-SecureString -Key $key)

#Open text file.
Invoke-Command -ComputerName localhost -Credential $MyCredentials -ScriptBlock{
    Invoke-Item C:\Powershell\Password.txt
    }

我在运行这个时收到一个错误，我不知道为什么我不能用管道:

I received an error when running this and I'm not sure why I can't pipe this:

ConvertFrom-SecureString : 输入对象不能绑定到任何命令的参数要么是因为该命令不带管道输入或输入及其属性与任何接受管道输入的参数.在 C:\Powershell\Password.ps1:15字符:13+ $密码 |ConvertFrom-SecureString -Key $Key |外文件 $PasswordFile+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo : InvalidArgument: (System.Security.SecureString:String) [ConvertFrom-SecureString],参数绑定异常+ FullQualifiedErrorId : InputObjectNotBound,Microsoft.PowerShell.Commands.ConvertFromSecureStringCommand

ConvertFrom-SecureString : The input object cannot be bound to any parameters for the command either because the command does not take pipeline input or the input and its properties do not match any of the parameters that take pipeline input. At C:\Powershell\Password.ps1:15 char:13 + $Password | ConvertFrom-SecureString -Key $Key | Out-File $PasswordFile + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (System.Security.SecureString:String) [ConvertFrom-SecureString], ParameterBindingException + FullyQualifiedErrorId : InputObjectNotBound,Microsoft.PowerShell.Commands.ConvertFromSecureStringCommand

是否有任何加密专家可以提供帮助?我试图简单地将密码保存到文本文件(加密)，然后我想使用另一个脚本使用加密密码使用新凭据调用各种程序，但我什至无法使加密密码正常工作.提前致谢.

Are there any encryption experts that can help? I'm trying to simply save a password to a text file (encrypted) and then I want to use another script to call various programs using new credentials using the encrypted password, but I can't even get the encrypted password to work correctly. Thanks in advance.

推荐答案

让事情变得简单:

要将凭据对象保存到磁盘:

$credential = Get-Credential
$Key = [byte]1..32
$credential.Password | ConvertFrom-SecureString -Key $Key | Set-Content c:\cred.key

要将其加载回 Powershell:

$Key = [byte]1..32
$username = "type the username here"
$encrypted = Get-Content c:\cred.key | ConvertTo-SecureString -Key $Key

## Create The Credential Object:

$credential = New-Object System.Management.Automation.PsCredential($username, $encrypted)

当然这不是安全的，因为看到你代码的每个人都可以重复使用凭证，

Sure that this is not secured, because everyone who see your code can re-use the credential,

如果您根本不使用密钥，凭据将使用您当前的用户进行加密，并且只有当前用户才能将其解密.

If you are not using a key at all, the credential will be encrypted with your current user, and only the current user can decrypt it back.

这篇关于加密凭证，导出，然后导入的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！