The file C:\ezfio\ezfio.ps1 is not digitally signed.

Question

The file C:\ezfio\ezfio.ps1 is not digitally signed.

coolrecep opened this issue 6 years ago · comments

Even though Set-ExecutionPolicy -scope CurrentUser RemoteSigned command is applied, I kept getting this error:

./ezfio : File C:\ezfio\ezfio.ps1 cannot be loaded. The file C:\ezfio\ezfio.ps1 is not digitally signed. You cannot run
this script on the current system. For more information about running scripts and setting execution policy, see about_
Execution_Policies at https:/go.microsoft.com/fwlink/?LinkID=135170.
At line:1 char:1
./ezfio
  + CategoryInfo          : SecurityError: (:) [], PSSecurityException
  + FullyQualifiedErrorId : UnauthorizedAccess

The solution was to use this command:

Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass

Regards

coolrecep · Answer 1 · Sat Aug 11 2018 00:34:45 GMT+0800 (China Standard Time)

And got some errors:

Earle F. Philhower, III · Answer 2 · Sat Aug 11 2018 01:18:56 GMT+0800 (China Standard Time)

Howdy again, @coolrecep. I just got back from business travel so will give this a look at in depth probably early next week.

Did you just update (or did MSFT do it behind your back) Windows? It was working for you before, of course, so this is weird. What version of Windows, as well.

My guess is that the latest W10 rollup removed or changed some PS permissions, and changed some of the .NET assemblies included. That BitmapImage bit is related to the icon generation for the window.

If you need to run something right now, you can use the command line options which doesn't try and make a GUI window (run it with --help to get the parameter names). The same output file is generated as the GUI, of course.

coolrecep · Answer 3 · Sat Aug 11 2018 19:55:09 GMT+0800 (China Standard Time)

Hi Earl,

I do always update Windows to latest version before performing a test. This is the version I'm using ATM:

I got the GUI and tested fine. This time, I also got my hands on a 32 Core CPU. I'll ask for you to compare results of a 6 core and a 32 core CPU :)

Thanks.

Earle F. Philhower, III · Answer 4 · Mon Aug 13 2018 03:50:32 GMT+0800 (China Standard Time)

Microsoft client OS is a difficult beast.

You can't actually download a Win10 ISO from Linux (or at least I can't seem to get the page to give anything other than an unspecified error and to "try again later.").

On my Win7 VM it also won't let you download the ISO, it requires you to run the Media Generator.exe. Which requires 8GB of free space on C:, even if you're downloading to D:, and sends who knows what and makes who knows what changes to the OS while it runs as Admin (even if you're just making an ISO!).

And, to top it off, Win7 doesn't include the powershell Storage module by default I can't even test things in the interim.

Did you do anything to make the GUI work, other than the change to the script signing? I'm inclined to just change the top comment to Bypass and call it a day...ugh!

coolrecep · Answer 5 · Mon Aug 13 2018 04:18:32 GMT+0800 (China Standard Time)

Fired up a Powershell window as admin
Applied the bypass command.
Ran the script with ./ezfio command

You can download the ISO form here: https://tb.rg-adguard.net/public.php

Earle F. Philhower, III · Answer 6 · Fri May 22 2020 00:09:37 GMT+0800 (China Standard Time)

I've finally been able to reproduce your warning, but only by directly downloading the script directly and not using GIT or other tools.

The solution, though, I think is safer than what you recommended. Just right-click on the file and use the Properties menu. You can check the "Unblock (this file is remote)" option and then the original readme's "remoteSigned" can work fine:

Making it "Bypass" will remove any protection on the system, so I think that's not something I would recommend.