Changed Process for Remoting into Azure VMs
This post will explain how the new process for logging into Windows Server and Linux virtual machines works in the Azure Portal.
Passwords Haven’t Disappeared Yet
123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?
The method that we used for logging into Azure virtual machines has remained unchanged since the preview days of the Azure Portal when it was still known as Project Ibiza. Microsoft changed this process recently and this post will explain how you can log into your machines today.
There are some pre-requisites:
- There must not be a firewall rule preventing access to RDP (Windows – TCP 3389) or SSH (Linux – TCP 22), whether it’s an Azure network security group (NSG) or a third-party firewall virtual appliance. Note that Just In Time VM Access could be blocking access via an NSG and you might need to request access via Azure Security Center.
- You must have network connectivity, either via a public IP address, point-to-site VPN, site-to-site VPN, or ExpressRoute.
To log into an Azure virtual machine via the Azure Portal, open the virtual machine and click on Connect in the Overview blade. A popup blade will appear on the right called Connect To A Virtual Machine. What you do from here will depend on whether your virtual machine has a Windows or a Linux guest operating system (OS).
Windows Virtual Machine
If the virtual machine is running Windows, then the popup blade should default to the RDP settings.
The popup blade shows you the TCP address and port (in case you have NAT rules via an Azure load balancer) for logging into the virtual machine’s Windows guest OS. You can use these details to manually configure the Remote Desktop Connection client or to save your settings in a remote desktop connection manager.
Alternatively, you can click the Download RDP File button to download a pre-configured RDP file. If you are connecting via VPN, ExpressRoute, or a static public IP address, then it is a good idea to save this RDP file somewhere. Then, you can open it to log into the virtual machine without using the Azure Portal again. You can edit this file (Notepad or Remote Desktop Connection) to disable/enable features and configure Remote Desktop Settings.
Linux Virtual Machine
If the virtual machine is running a Linux guest OS, then the popup blade should default to SSH settings. The information that is shared is:
- The public IP address of the virtual machine, if it has one
- The port number for connecting to SSH
- An SSH command for logging into the virtual machine using the default administrator account
An additional SSH login command might be shared if you have enabled a preview (for test purposes only at this time) feature that allows authentication via Azure AD, as shown below.
In the below screenshot, I have copied the public IP address and port number for SSH into my SSH client (PuTTY) and am logging into the virtual machine:
And in the next screenshot, I have successfully logged in: