<a href="wg.sh">WG Linux</a><br>


useradd -m -s /bin/bash ansible<br>
mkdir -p /home/ansible/.ssh<br>
chmod 700 /home/ansible/.ssh<br>
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5zGlKux8essGLQSLtpRw1nSbRL/ZSmT+ppofUBL4XZ ansible@awx" >> /home/ansible/.ssh/authorized_keys<br>
chown -R ansible:ansible /home/ansible<br>
<br>
cat << 'EOF' >> /home/ansible/.ssh/authorized_keys<br>
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5zGlKux8essGLQSLtpRw1nSbRL/ZSmT+ppofUBL4XZ ansible@awx<br>
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEA5r2N88VJmir4+OOIF904tTxYekGJLRiwc5dypZb3jPZTjPUESHKnNQg+DrPVlCYAUyqCmK4Rm1GPl479nM/8GbVQ1/5Iy2KqRKJbY7aWogepV5tRpPXlKRfQC/aBDmwVvqP3H5Gi+7T1Rpotce+uD9BKLygcfVDxbqhwBtk1ubSLOkLwLbWtgkQO6jZsbfpckX4+1Rp70mDT20U3IHfuSs10/FNOja8WD7NOi6pqIm62+APEYKgofWF1Vp/aWs5p6WOBRL+ToRu40PdIErk3Y8j41dVApt6L64ATNYHCl34a7iHn7jt9oFhVxTMd1LTNGQoDtku5wJ8p02YXGQ855Q== christian.struebing@dmk-ebusiness.com<br>
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDajmpmX13JObNxpFDZkNh6Lzl+nGIqrEu7Dybz+mwLa6r2uc2fz92f+6p+RuDV/SwGSFuRMQhgtuQQxiRkdi+cIBuj3vL/wreCkdTrFR82S24TUiv0S4dFuLTXr6KJJRh+KMqFfI7V3SAi1CKDD00jucYHERgZZvIy1bRVjTIYFKjAnc9BhGHjIOuKT64j7rdEyqOXBbp2HX2ns2dAzvPRsiZ/wK2jl+mzj09CH4OTICNLs8omoCEUjRercEtVEuPIi8FHww8gwnvmoIZA5WjW/1GVCLA0g5H8sr7t0bL/wPK5vkEPUjRbg/mXooET7L8yWfBTvL4Zy9cL4vaA9qgX2qYh9wqjTq2FpckDlb+ANYjbn/XEPtfMYIASaNBpbnthAVVHalArsunRR94FFFZj1LVHRj0B+BqU0xtHeXIg1Q583Pt1kbhbNaJk6JCxhiMwAPxWJ06LQqpJjawlnfZf1DBwVdaGRXFxVbg1RbqIoa/CrPnFb67O9b6CBeKaIiCVUmY285Sh2RNrJbl0Sk4r37ZT3rt9IL5Dk0BIUsG1rV5isamTyCVCrtI77tMOxsDPmrGqEHRtV28F5NyGsIFR7sZBdH3fsMg4capYvx+uF7mrIV9BbCSAgmzTlH30emyEuy/MOFbYAPznGa9AiNFmwVBhvoXpjvhyjsIZNmEt3w== christian.azig@dmk-ebusiness.com<br>
EOF<br>
<br>
echo "ansible ALL=(ALL) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/ansible<br>
chmod 440 /etc/sudoers.d/ansible<br>

<br><br><br>
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass<br>
<a href="wg.ps1">WG Windows</a>

<br><br>
$cert = New-SelfSignedCertificate `<br>
  -DnsName "testwin","testwin.local" `<br>
  -CertStoreLocation Cert:\LocalMachine\My `<br>
  -KeyLength 2048 `<br>
  -KeyExportPolicy NonExportable `<br>
  -Provider "Microsoft RSA SChannel Cryptographic Provider"<br>
<br>
$thumb = $cert.Thumbprint<br>
<br>
winrm quickconfig -q<br>
<br>
winrm create winrm/config/Listener?Address=*+Transport=HTTPS `<br>
  "@{Hostname='testwin';CertificateThumbprint='$thumb'}"<br>
<br>
winrm delete winrm/config/Listener?Address=*+Transport=HTTP<br>
<br>
Enable-NetFirewallRule -Name "WINRM-HTTPS-In-TCP"<br>
<br>
winrm set winrm/config/service/auth '@{Basic="false";NTLM="true"}'<br>
winrm set winrm/config/service '@{AllowUnencrypted="false"}'<br>
<br>
$pw = Read-Host -AsSecureString<br>
New-LocalUser ansible -Password $pw -PasswordNeverExpires -AccountNeverExpires<br>
Add-LocalGroupMember -Group "Administrators" -Member ansible<br>
Add-LocalGroupMember -Group "Remote Management Users" -Member ansible<br>
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f<br>
<br>
$h = "testwin"<br>
$payload = '@{Hostname="' + $h + '";CertificateThumbprint="' + $thumb + '"}'<br>
winrm create "winrm/config/Listener?Address=*+Transport=HTTPS" $payload<br>