Page 1 of 1

$Host.Name / (Get-Host).Name and Using it with Invoke-Command

Posted: Wed Oct 30, 2024 11:55 am
by ITVendor
I have a PowerShell/JEA Session Configuration/endpoint. I want my form/application to be the only entity allowed to use it. This is to say, that I don't want people using it from the ConsoleHost, Code, ISE, etc. via Invoke-Command or Enter-PSSession. I thought I had an idea, but even though (Get-Host).Name returns PrimalScriptHostImplementation inside the form/application when Invoke-Command is run by the form/application, (Get-Host).Name is still ServerRemoteHost -- this is the same as if were Invoke-Command or Enter-PSSession.

How can I only allow my form/application to use my session configuration/endpoint? What can I pass into my StartupScript/ScriptToProcess that's unique to the application/form that can't be spoofed -- that's unique to the form/environment and built-in (preferably not text in the application/form that I add)?

Re: $Host.Name / (Get-Host).Name and Using it with Invoke-Command

Posted: Wed Oct 30, 2024 12:33 pm
by Alexander Riedel
Calculate a hash e.g. over the date, time and target machine name and pass it on the command line. The called script does the same calculation, then the hash should match. Makes sure that even if someone gets a hold of one hash, it won't work thereafter.

Re: $Host.Name / (Get-Host).Name and Using it with Invoke-Command

Posted: Thu Oct 31, 2024 1:06 pm
by ITVendor
I appreciate the idea -- I'm going to work though this, thank you.