Connect to Public Cloud VMs

This topic explains the prerequisites required for users to connect to public cloud VMs through Commander.

It also explains how to connect to if those prerequisites are met.

AWS prerequisites

You must configure inbound and outbound rules for the instance's security group.

Windows RDP connections:

For certain EC2 Windows instances, AWS generates an encrypted password for the Administrator account when the instance is launched. To connect to the Windows instance, you must retrieve this password in the AWS console. To learn how, see How do I retrieve my Windows administrator password after launching an instance? in the AWS documentation.

Linux SSH connections:

By default, password authentication is disabled for EC2 Linux instances, so a key pair must be used for authentication. See Enable Key Pair SSH Connections to Amazon EC2 VMs to learn how to set up automatic SSH connections with a key pair.

If password authentication is enabled for a Linux instance, you can open an SSH connection without a key pair, and you'll be prompted for credentials.

To enable password authentication for a Linux instance, you must edit the VM's SSH config file. The following example shows how to enable SSH password authentication on Ubuntu:

  1. Edit the following file:

    /etc/ssh/sshd_config

  2. Add or edit the value of the PasswordAuthentication line so that it reads as follows:

    PasswordAuthentication yes

  3. Restart the SSH service:

    sudo service ssh restart

Azure prerequisites

You must configure inbound and outbound port rules for the instance's network security group.

Azure requests credentials when an image is provisioned; these credentials must be used to connect to the deployed instance.

GCP prerequisites

You must configure firewall rules on the instance's network interface.

Windows RDP connections:

For certain GCP Windows instances, GCP generates an encrypted password for the Administrator account when the instance is launched. To connect to the Windows instance, you must retrieve this password in the GCP console. To learn how, see Generate credentials for Windows VMss in the GCP documentation.

Linux SSH connections:

By default, password authentication is disabled for GCP Linux instances, so a key pair must be used for authentication.

If password authentication is enabled for a Linux instance, you can open an SSH connection without a key pair, and you'll be prompted for credentials.

To enable password authentication for a Linux instance, you must edit the VM's SSH config file. The following example shows how to enable SSH password authentication on Ubuntu:

  1. Edit the following file:

    /etc/ssh/sshd_config

  2. Add or edit the value of the PasswordAuthentication line so that it reads as follows:

    PasswordAuthentication yes

  3. Restart the SSH service:

    sudo service ssh restart

Secure access prerequisites

If you want provide users with secure connections to VMs, such as secure RDP, secure VNC, or secure SSH, you must set up one or more Commander VM Proxies. Commander VM Access Proxies allow you to secure your virtualized infrastructure behind a firewall while still permitting your users remote access to their VMs.

For more information, see Set Up VM Access Proxies.

Open connections to public cloud VMs

Access:

Views > Inventory > Infrastructure, Applications, or Storage

Available to:

Administrator and All Operator Levels of Access Rights

  • To open a connection to a VM, right-click a VM in the tree or on the Virtual Machines tab, select Open Connection, then choose the connection type:
    • Open RDP Session: Opens an RDP connection to a running Windows VM, using the RDP client.
    • Open Secure RDP Session: Opens an RDP connection to a running Windows VM using a user name and password, in your browser, using a Commander VM Access Proxy. In the Credentials dialog, enter the user name and password, and click OK.

      • In a secure RDP session, if Caps Lock is enabled, duplicate characters may be printed for the characters c, x and v. Use the Shift key instead of enabling Caps Lock.

    • Open VNC Session: Opens a VNC connection to a running VM, using a VNC client.
    • Open Secure VNC Session: Opens a VNC connection to a running VM, in your browser, using a Commander VM Access Proxy. In the Credentials dialog, enter the password and edit the default port of 5900 if required, and click OK.
    • Open Secure SSH Session: Opens an SSH connection to a running Linux or Solaris VM using a user name and password, in your browser, using a Commander VM Access Proxy. In the Credentials dialog, enter the user name and password, and click OK.
    • Open Secure SSH Session with Key Pair: Opens a secure SSH connection to a running Linux or Solaris VM using a key pair, in your browser, using a Commander VM Access Proxy. Supported only for Amazon EC2 instances. See Enable Key Pair SSH Connections to Amazon EC2 VMs to learn how to set this up.