How to use Windows key shortcuts in Azure bastion connection to remote Windows VM? - azure-virtual-machine

Pressing Windows + R on Azure Bastion connection to Windows VM results in run dialogue displaying on my local Windows PC instead of the remote VM. Is there a way to use the Windows key shortcuts on the remote VM?

I don't think there is a way to use the Windows key shortcuts on the remote VM via the Azure Bastion connection as the Azure Bastion service is a new fully platform-managed PaaS service. It provides secure and seamless RDP/SSH connectivity to your virtual machines directly in the Azure portal over SSL.
When you connect to a remote VM via Azure Bastion, Azure Bastion uses an HTML5-based web client that is automatically streamed to your local device, so that you get your RDP/SSH session over SSL on port 443, enabling you to traverse corporate firewalls securely. In fact, in this case, you are not directly connecting to the remote VM in an RDP session. Currently, Azure Bastion also does not help direct the Windows key to the remote VM.
As a workaround, you can use the Windows key shortcuts on the remote VM via keyboard redirection in Remote Desktop Connection. As shown in the picture, select "Apply Windows key combinations on the remote computer" when you connect directly to the remote Azure VM with Remote Desktop Connection.

The easiest (and only) way I've found is by using the on-screen keyboard.
The Windows key is sticky, so it's just two mouse clicks.

Related

Visual Studio - connect to AWS instance via bastion server

I am developing some machine learning code and I just got an AWS instance for that. To access the instance, I need to:
1. ssh from the local machine to a bastion server (which is also an AWS instance).
2. ssh from the bastion server to the development machine.
For development, I would like to attach Visual Studio to the remote machine. Is there a way to do that? I tried adding a ~/.ssh/config file with the login credentials on the bastion server, but that does not change the available hosts listed by Visual Studio.
I think you need to use this plugin and follow this blog:
https://code.visualstudio.com/blogs/2019/10/03/remote-ssh-tips-and-tricks#_proxycommand
As a quick description, it will open a connection to the bastion in the background, and then it will connect to your development instance.

Activate network card of Google Cloud

I have disabled the network card of my virtual machine in Google Cloud (right click - Disable). Now it is impossible for me to reconnect or reactivate it. I'm new to this and can't figure out how to reactivate it.
If anyone has the solution, it would be helpful.
You cannot reactivate the interface because the VM just lost control with Google Cloud when you deactivated the network interface.
You need to connect to the machine using the machine's serial port (like in the old days).
1. Open the VM from the web interface and click on "Edit".
2. Then select "Enable connecting to serial ports" (it is the first thing you can choose), and save the changes.
3. Open the VM again and you'll see in "Remote Access" that you can SSH to the machine AND connect to the serial port.
4. Once you have serial port access, you can log in.
If you don't have a user in the VM (because you used your GCP user), you'll need to reboot the VM while you're connected to it using the serial console and do a root password recovery.

Unable to map to share on AWS Ec2 from office, works at home

I've set up an EC2 instance of Windows Server 2016 on AWS.
I can map to a shared drive on this instance from my home (desktop and laptop) and mobile device. I use the domain from home, and the IP on mobile.
I bring my laptop to the office and am unable to map to the drive. I still have access to RDP, but no SMB. I believe this is blocked by the ISP.
I tried connecting from home, while connected to a different location on ExpressVPN, and was unable to connect.
The instance hosts software used by the company. There is a DB on the instance and the software on the workstations/endpoints is able to connect to the DB on the instance.
I read I should switch the SMB port to 80. I opened some ports, but still can't connect.

Accessing a dev server when doing remote / cloud development

I'm attempting to find a completely remote / cloud-based development workflow.
I've created an aws free-tier ec2 instance and on that box I've been developing a gatsby site (the framework doesn't matter, the solution I'm looking for should be framework agnostic). Since the code is on another box, I can't run the dev server and then from the local computer hit localhost as I would normally.
So,
What do I need to do so that I can run gatsby develop and hit my dev server that's hosted on the ec2 box?
How do I provide public access to that endpoint?
Is it possible to provide temporary access so that when I log off of the box, it's no longer accessible?
Is there some mechanism I can put into place so that I'm the only one that can hit that endpoint?
Are there other features that I should be taking advantage to secure that endpoint?
Thanks.
> I can't run the dev server and then from the local computer hit localhost as I would normally
You can. You can use ssh to tunnel your remote port to your localhost, and access the server from your localhost.
> What do I need to do so that I can run gatsby develop and hit my dev server that's hosted on the ec2 box?
ssh into the dev server, run gatsby develop and either access it on localhost through an ssh tunnel or make it public to access it through its public IP address.
Use sshfs to mount a development folder on the dev server onto your localhost.
Alternatively, you can set up vncserver on the dev server, tunnel the vnc connection using ssh, and access the dev server through a remote desktop. Something lightweight would be good, e.g. fluxbox as a desktop environment for vnc.
> Is it possible to provide temporary access so that when I log off of the box, it's no longer accessible?
Yes, through an ssh tunnel. You close the tunnel and the access is finished.
> Is there some mechanism I can put into place so that I'm the only one that can hit that endpoint?
An ssh tunnel along with a security group to allow ssh for your IP address only.
> Are there other features that I should be taking advantage to secure that endpoint?
Security groups and ssh tunneling would be the primary choices to ensure secure access to the dev server.
You can also make the endpoint public, but set the security group of your dev server to allow internet access only from your IP.
You could also put the dev server in a private subnet for full separation from the internet. Use a bastion host to access it or set up a double ssh tunnel to your localhost.
Another way is to do all development on localhost, push code to CodeCommit and have CodePipeline manage deployment of your code to your dev server using CodeDeploy.
You can also partially eliminate ssh by using SSM Session Manager.
Hope this helps.
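An added example, not part of the original answer: a POSIX shell script for the temporary, single-user access described above. It allows SSH in the security group from your current IP only, tunnels the dev port to your localhost (optionally through a bastion host), and revokes the rule when the tunnel closes. SG_ID, DEV_HOST, BASTION, PORT (default 8000) and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original answer). Assumed names: SG_ID (security
# group of the host you SSH into first), DEV_HOST, BASTION (optional), PORT.

# Print a validated IPv4 address as a /32 CIDR; fail on anything else so that
# unexpected lookup output never ends up in a security group rule.
ip_to_cidr() {
    ip=$1
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    oldifs=$IFS; IFS=.; set -- $ip; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    printf '%s/32\n' "$ip"
}

# Print the ssh options for the tunnel: no remote command, local end bound to
# 127.0.0.1 only, remote end on the dev server's loopback, optional bastion hop.
tunnel_opts() {
    opts="-N -o ExitOnForwardFailure=yes -L 127.0.0.1:$1:127.0.0.1:$1"
    if [ -n "${2:-}" ]; then opts="$opts -J $2"; fi
    printf '%s\n' "$opts"
}

revoke_rule() {
    aws ec2 revoke-security-group-ingress --group-id "$SG_ID" \
        --protocol tcp --port 22 --cidr "$my_cidr"
}

main() {
    my_ip=$(curl -fsS https://checkip.amazonaws.com) || exit 1
    my_cidr=$(ip_to_cidr "$my_ip") || { echo "bad IP: $my_ip" >&2; exit 1; }
    aws ec2 authorize-security-group-ingress --group-id "$SG_ID" \
        --protocol tcp --port 22 --cidr "$my_cidr" || exit 1
    # Revoke the rule however the session ends, so access closes with the tunnel.
    trap revoke_rule EXIT
    trap 'exit 130' INT TERM
    # Word splitting of the option string is intended here.
    ssh $(tunnel_opts "${PORT:-8000}" "${BASTION:-}") "$DEV_HOST"
}

# Run only when asked to, e.g.: SG_ID=sg-... DEV_HOST=user@host sh tunnel.sh --run
if [ "${1:-}" = "--run" ]; then main; fi
```

While the tunnel is up, the dev server started on the remote box is reachable at localhost on the forwarded port, and it never has to listen on a public interface.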

How to connect to mosquitto broker installed on virtual machine hosted on azure?

I have installed a mosquitto broker on a virtual machine at port 1883. This virtual machine is hosted on the Azure cloud. To gain access to this broker I have opened the ports by adding inbound rules. Still I am not able to publish to this mosquitto broker from an outside network.
I have added the inbound rules by allowing port 1883 to allow access from the outside network.
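// Requires: using System; using System.Text; using uPLibrary.Networking.M2Mqtt; using uPLibrary.Networking.M2Mqtt.Messages;
// Guid.NewGuid() generates a unique client ID; new Guid() always yields the all-zero GUID.
string ClientId = Guid.NewGuid().ToString();
// Plain (non-TLS) MQTT connection to the broker on port 1883.
client = new MqttClient("104.211.219.200", 1883, false, null);
client.Connect(ClientId);
client.Publish("local", Encoding.UTF8.GetBytes("Message from local PC"), MqttMsgBase.QOS_LEVEL_EXACTLY_ONCE, false);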
According to your description, and in my experience, I think your mosquitto is not working because an NSG rule has not been added for your VM's network interface to allow the inbound requests from port 1883.
Here are my steps to install a mosquitto server on my Azure Windows VM. Hope it helps.
1. On the Azure portal, create a Windows VM with Windows 2012 R2 Datacenter.
2. Enable the Just-in-time access feature in the Configuration tab, then download an RDP file to access this VM.
3. I uploaded the mosquitto server installation file (an x64 distribution, it comes from https://mosquitto.org/download/) to the Windows VM, and tried to install it.
4. I got an issue about a missing VCRUNTIME140.dll, then installed a VC++ 2015 distribution (it comes from https://www.microsoft.com/en-us/download/details.aspx?id=48145) to fix it.
5. Then, I opened a command window at the mosquitto path and ran it.
6. Add an inbound rule in Windows Firewall with Advanced Security. It allows the requests from port 1883 on Windows.
7. Add an inbound rule in the NSG of the network interface to allow the requests from port 1883 on the Azure VNET.
8. I used an MQTT desktop client, MQTT.fx (it comes from https://www.hivemq.com/blog/seven-best-mqtt-client-tools/), to test connecting, publishing and subscribing with a test message.