User credentials for Azure virtual machine management best practices 09/22 Update SLTechnology News&Howtos

User credentials for Azure virtual machine management best practices

2025-09-22 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Shulou(Shulou.com)06/01 Report--

Remember that in the old cat's script for remotely managing virtual machines in Azure through Powershell, each virtual machine access requires get-credential interaction to obtain user credentials for access, but this approach requires user interaction every time, and if repeated scripts are obviously not a good way, how to encrypt and retain users' credentials for repeated use is a best practice. Of course, the automation service feature provided in the international version of Azure now contains Asset that can safely retain credentials for automated script calls. As the domestic Azure service does not have this feature, it can only be pressed and not listed for the time being. Of course, if this is the only way, this article is over. Here is a method that can be used for reference before the arrival of the automation service.

Because this method uses the process of encrypting and decrypting through the certificate, it needs to decrypt the certificate private key of the management client and encrypt the certificate public key. If you don't know much about the self-signed certificate, you can refer to the method of creating the self-signed certificate through the MakeCert tool. In this way, as long as the management node or the virtual machine in Azure has the corresponding certificate private key, the encrypted file saved in this way can also securely obtain user credentials.

Encrypted through the certificate public key and retained in the Mypassword.txt of the current user environment through Base64 format

$cert = Get-ChildItem Cert:\ LocalMachine\ My\ [certificate thumbprint] $bytes = [Text.Encoding]:: UTF8.GetBytes ("putyourpasswordhere") $encrypt = $cert.PublicKey.Key.Encrypt ($bytes, $true) $base64 = [Convert]:: ToBase64String ($encrypt) Set-Content $HOME\ Myencrptpwd.txt $base64

Obtain user credentials at the appropriate installation certificate private key node to run the script to use:

$cert = Get-ChildItem Cert:\ LocalMachine\ My\ [certificate thumbprint] $base64 = Get-Content $HOME\ Myencrptpwd.txt$encrypt = [Convert]:: FromBase64String ($base64) $bytes = $cert.PrivateKey.Decrypt ($encrypt,$true) $password = [Text.Encoding]:: UTF8.GetString ($bytes)

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.