Using Arc to SSH into Linux and Windows

Sep. 27, 2022

What are we doing?

We are going to use Azure Arc to SSH into a Linux (ubuntu 20.04) and a Windows Server (Server 2019) machine and run commands.

Constraints / limitations

  1. Use only Azure ARC.
  2. Use only public endpoints (I have not yet tested this with Private Endpoints) and my VPN is not currently connected to Azure.

Considerations

As of the time of this blog post (27-Sep-2022), the Azure Arc SSH functionality is in preview.

Lets build this

So, we are going to use SSH to connect to both Linux and Windows. Yes, you can connect to Windows via SSH and yes it works, we will get this working in this post.

Steps

  1. Install Azure Arc Agent on VMs
  2. Ensure that it is connected to Azure Correctly
  3. Configurations changes for SSH to work
  4. Connect via SSH

I am going to assume that steps 1 and 2 are completed already, if not. See here. The focus on this post is to connect to your environment using the azcmagent and then connecting to the virtual machine via the portal.

Linux VM

Connect via portal to linux Azure Arc machine

You will see that this is a linux vm and SSH working here is no surprise. For this post, I am using password authentication type. This is not ideal for production.

Connect via portal to linux Azure Arc machine options
Now you can click, “Connect in browser”. This will launch an Azure Cloud Shell
Connect via portal to linux Azure Arc machine button - connect in browser

GOTCHA

You may hit your first error here.

Connect via portal to linux Azure Arc machine button - connection error

The error may seem a little strange, it seems it is using port 66535 to dp a port lookup - like a proxy lookup - see here as an example of this. It is still wanting to connect to port 22, the normal ssh port. So how do we fix this?

Configuring the Azure connected machine agent is documented here and the command we need is this.

azcmagent config set incomingconnections.ports 22

Run this command on your linux machine (sudo will be needed)

Update port number from azcmagent
and then we can connect
Connect via portal to linux Azure Arc machine is successful

Windows VM

Connect via portal to Windows Azure Arc machine

The steps for connection from the portal and the required Azure connected machine agent commands are the same. However we do need to get SSH working on the Windows Server, this is actually quite easy and simply needs some copy and paste, see here. Once you have done that, your connection will work.

Connect via portal to Windows Azure Arc machine is successful

So there you have it, an SSH connection from the Azure portal to a Windows AND Linux Arc-enabled machine.

Powered by Hugo with Console Theme.