Connect to an Arc VM on Azure Local using SSH and RDP over SSH
Applies to: Azure Local 2311.2 and later
This article provides an example to connect to an Azure Arc VM on Azure Local using Secure Shell (SSH) and Remote Desktop (RDP) over SSH. The example demonstrates enabling the OpenSSH Server via the Arc Extension using Azure portal and Azure CLI.
You can open an RDP connection to every Windows Server from the Azure CLI without a VPN or another open port through your firewall. For more information, see SSH access to Azure Arc-enabled servers.
Before you begin, ensure that you:
Have access to Azure Local that is running the latest version of software.
Install the OpenSSH Server Extension.
You can install the OpenSSH Server Extension via Azure portal or using PowerShell. Installing the extension via Azure portal is the recommended method.
Install the OpenSSH Server Extension via Azure portal
To install the extension via Azure portal, navigate to Extensions and select the OpenSSH for Windows - Azure Arc option.
Install the OpenSSH Server Extension via PowerShell
Use the following steps to install the OpenSSH Server Extension via PowerShell:
Open a Windows PowerShell session as an administrator.
Run the following cmdlets to ensure that the required Azure CLI Extensions are installed:
PowerShellaz extension add --upgrade --name connectedmachine az extension add --upgrade --name sshc. Sign in to Azure:
PowerShellaz login --use-device-coded. Set appropriate parameters:
PowerShell$resourceGroup="<your resource group>" $serverName = "<your server name>" $location = "<your location>" $localUser = "<your username>" # Use a local admin account for testinge. Install the
OpenSSHArc Extension:PowerShellaz connectedmachine extension create --name WindowsOpenSSH --type WindowsOpenSSH --publisher Microsoft.Azure.OpenSSH --type-handler-version 3.0.1.0 --machine-name $serverName --resource-group $resourceGroupHere's a sample output:
PowerShellPS C:\Users\labadmin> az connectedmachine extension create --name WindowsOpenSSH --location westeurope --type WindowsOpenSSH --publisher Microsoft.Azure.OpenSSH --type-handler-version 3.0.1.0 --machine-name $serverName --resource-group $resourceGroup { "id": "/subscriptions/<SubscriptionName>/resourceGroups/<ResourceGroupName>/providers/<ProviderName>/machines/<MachineName>/extensions/WindowsOpenSSH", "location": "westeurope", "name": "WindowsOpenSSH", "properties": { "autoUpgradeMinorVersion": false, "enableAutomaticUpgrade": true, "instanceView": { "name": "WindowsOpenSSH", "status": { "code": "0", "level": "Information", "message": "Extension Message: OpenSSH Successfully enabled" }, "type": "WindowsOpenSSH", "typeHandlerVersion": "3.0.1.0" }, "provisioningState": "Succeeded", "publisher": "Microsoft.Azure.OpenSSH", "type": "WindowsOpenSSH", "typeHandlerVersion": "3.0.1.0", }, "resourceGroup": "<ResourceGroupName>", "type": "Microsoft.HybridCompute/machines/extensions" } PS C:\Users\labadmin>f. You can see
WindowsOpenSSHExtension in the Azure portal Extensions list view.
备注
You may be asked to allow Arc SSH to set up port 22 for SSH.
Use the following steps to connect to Azure Local.
Run the following command to launch Arc SSH and sign in to the server:
PowerShellaz ssh arc --resource-group $resourceGroup --name $serverName --local-user $localUserYou're now connected to Azure Local over SSH:
To sign into Azure Local using RDP over SSH, run the following command with the RDP parameter:
PowerShellaz ssh arc --resource-group $resourceGroup --name $serverName --local-user $localUser --rdpSign in to the local server for RDP over SSH.
Sign in to authenticate for RDP.
You can see the desktop for the remote desktop connection.
You set up an RDP tunnel over SSH into your Azure Local using Azure CLI without any VPN or open ports at your firewall.
