I am setting up PS Remoting with an IP address as my target. I know if you are using an ip for your computername parameter on enter-pssession, kerberos is not used. I also noticed in the documentation that NTLM authentication is used by default whenever you specify an IP address and -cred parameter for enter-pssession. My question: Is NTLM authentication trustworthy when using -cred parameter with an ip as a target when using enter-pssession or new-pssession?
HOW TO USE AN IP ADDRESS IN A REMOTE COMMAND
ERROR: The WinRM client cannot process the request. If the authentication scheme is different from Kerberos, or if the client computer is not joined to a domain, then HTTPS transport must be used or the destination machine must be added to the TrustedHosts configuration setting.
The ComputerName parameters of the New-PSSession, Enter-PSSession and
Invoke-Command cmdlets accept an IP address as a valid value. However,
because Kerberos authentication does not support IP addresses, NTLM
authentication is used by default whenever you specify an IP address.
When using NTLM authentication, the following procedure is required
Configure the computer for HTTPS transport or add the IP addresses
of the remote computers to the TrustedHosts list on the local
For instructions, see “How to Add a Computer to the TrustedHosts
Use the Credential parameter in all remote commands.
This is required even when you are submitting the credentials
of the current user.