Status: DRAFT
You are about to set up a system to securely communicate with Windows machines from other Windows or Linux machines. Hopefully secure. This manual you are reading is intended to help you do so, but how can you trust the information in it? You should not.
If you want to ensure that you end up with a secure system, you should use this manual as a guide instead of a copy-and-paste source. Understand what each step is for, and verify that the commands, downloaded scripts, etc. are correct. By following this approach you should be able to build a secure system without being able to fully verify if the sources are trustworthy.
Here are some examples of where not paying attention can easily lead to incorrectly configured or hacked systems:
As a convenience this manual provides a method to quickly select commands, so you can easily copy them to your shell. But copying from websites is not without pitfalls.
Certificate information is also provided to save time when a certificate of a file needs to be verified. But if you want to make sure that the file has not been modified and signed with a different certificate, go to the source of the file, download the file from there, and then check the certificate information of that file.
If correct, you are reading this manual from https://jstuyts.github.io/Secure-WinRM-Manual.
This means it is open source, so it is easy to get and check the source code of the manual. You can also check if people reported issues before following the
instructions. And if somebody found that the information in this manual could be used for malicious purposes, they can
always report it to GitHub (which is very likely to remove harmful projects).
Now that you are aware of how careful you have to be when setting up a secure system, you can start setting up secure WinRM connections. Hopefully you have everything up and running quickly.