Do parameters / arguments get sent over the network in plain text or encrypted

Comments

1 comment

  • Kris Powell

    Hi,

    As it turns out, when you deploy a package with PDQ Deploy, the package will be sent in plain text. So, if you're using a .ps1 file in an Install Step with a password as a parameter, it will be sent in plain text and the password would be visible.

    As an alternative, however, you may look into encrypting your credentials and saving them to a separate file. I recently had a blog post about this topic: http://www.adminarsenal.com/admin-arsenal-blog/secure-password-with-powershell-encrypting-credentials-part-2

    That blog is specifically about encrypting credentials and saving them to a file so that you can refer to them in your scripts without having to directly provide the credential. 

    It is worth noting, however, that anybody who has your AES key can decrypt your password file, so I would make certain to use proper file permissions and lock down access to those files. Anybody who can read the AES key can decrypt any data that was encrypted with it.

     

    Cheers,

    0
    Comment actions Permalink

Please sign in to leave a comment.