msvsmon
(Visual Studio Remote Debugger) and Visual Studio itself offer 3 authentication methods:
msvsmon | VS | |
---|---|---|
Windows authentication | ✅ | ✅ |
No authentication | ✅ | ✅ |
Universal (Unencrypted Protocol) | ✅ |
But I cannot find clear documentation about what these modes are, how they work, and their differences.
The only description I can find is on MSDN's Remote Debugging, and only describes "No Authentication":
You can choose to run the remote tools in No Authentication mode, but this mode is strongly discouraged. There is no network security when you run in this mode. Choose the No Authentication mode only if you are sure that the network is not at risk from malicious or hostile traffic.
There's also some documentation from 2013: How to: Run the Remote Debugging Monitor, How to: Set Up Windows Authentication Mode, How to: Set Up "No Authentication" Mode, but I'm not sure if it's still accurate.
What are these modes? How do they work? How can I configure them?
Adapted from a colleague:
MSDN has the answer at Deploying and debugging UWP apps#Authentication Mode:
- Universal (Unencrypted Protocol): Use this authentication mode whenever you are deploying to a remote device. Currently, this is for IoT devices, Xbox devices, and HoloLens devices, as well as PCs with Windows Version 1703 (Creators Update) or later. Universal (Unencrypted Protocol) should only be used on trusted networks. The debugging connection is vulnerable to malicious users who could intercept and change data being passed between the development and remote machine.
- Windows: This authentication mode is only intended to be used for a remote PC (desktop or laptop) running the Visual Studio Remote Tools. Use this authentication mode when you have access to the credentials of the signed-in user of the target machine. This is the most secure channel for remote deployment.
- None: This authentication mode is only intended to be used for a remote PC (desktop or laptop) running the Visual Studio Remote Tools. Use this authentication mode when you have a test machine set up in an environment that has a test account signed in and you cannot enter the credentials. Ensure that the remote debugger settings are set to accept no authentication.
In other words: