How to create a secure automated transfer of binary files between windows servers through a firewall, using powershell?

Question

This is my first question on SO, and I am have tried to avoid it, but am forced to ask. I can't use FTP, as that's insecure. I can't use FTPS, as I can't introduce expiring cert overhead. WEBDAV over https isn't an option.

What would be ideal would be a firewall friendly robocopy, as that uses windows auth.

I am looking at powershell with BITS, but can't find what port it's using or it's requirements on Windows 2012 exclusively. Older systems have stated requirements that they need IIS, but I can't find that stated on Microsoft's sites anywhere: https://www.google.com/search?hl=en&q=site%3Amicrosoft.com%20windows%202012%20bits

I looked on here and found 56 articles related to BITS. Example: How to use BITS in Powershell to upload / download files? I tried performing the file transfer with powershell without caring about the port, but the automation of this is problematic, as I keep getting an error: The operation being requested was not performed because the user has not logged on to the network. The specified service does not exist. (Exception from HRESULT: 0x800704DD)

And ultimately, the port matters because I have to go through a firewall.

I don't want to make an assumption that the requirements from earlier versions of BITS still apply, because Murhphy's Law says I will be burned by it.

Does anyone has a possible solution to this problem? One that doesn't involve the purchase or use of non-native tools. On Linux, I would solve this with SSH, exchange some keys, and it just works. Is there anything in the windows platform that does something similar and is native to the OS?

Answer 1

Here's one way: http://www.nivot.org/post/2009/11/02/PowerShell20IntroducingThePModemFileTransferProtocol

It works over a WSMAN/PSRemoting session, so you can specify the port, use HTTPS.