From f80ce60cf9850263185af81924996f176f35f15b Mon Sep 17 00:00:00 2001 From: Klaus Frank Date: Thu, 3 Jan 2019 17:43:51 +0100 Subject: [PATCH] Make WinRM security warning more explicit (#50263) Make WinRM security warning more explicit. Currently the warning is "viewed by anyone", this is a much lower risk than arbitrary command injection. Therefore the risk should be phrased appropriately. +label: docsite_pr --- docs/docsite/rst/user_guide/windows_winrm.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/docsite/rst/user_guide/windows_winrm.rst b/docs/docsite/rst/user_guide/windows_winrm.rst index 5db9143f3b3..d3ae4befc72 100644 --- a/docs/docsite/rst/user_guide/windows_winrm.rst +++ b/docs/docsite/rst/user_guide/windows_winrm.rst @@ -578,7 +578,8 @@ in the host vars. A last resort is to disable the encryption requirement on the Windows host. This should only be used for development and debugging purposes, as anything sent -from Ansible can viewed by anyone on the network. To disable the encryption +from Ansible can be viewed, manipulated and also the remote session can completely +be taken over by anyone on the same network. To disable the encryption requirement, run the following from PowerShell on the target host: .. comment: Pygments powershell lexer does not support colons (i.e. URLs)