Comments on: SSHing into a Windows Server on Amazon’s EC2 http://www.eburcat.com/2009/05/sshing-into-a-windows-server-on-amazons-ec2/ Hacks, סביבה, and more... Fri, 16 Jul 2010 16:03:33 +0000 hourly 1 http://wordpress.org/?v=3.0 By: John Hart http://www.eburcat.com/2009/05/sshing-into-a-windows-server-on-amazons-ec2/comment-page-1/#comment-5493 John Hart Fri, 02 Jul 2010 01:16:53 +0000 http://www.eburcat.com/?p=274#comment-5493 That update_cygwin script does a lot of stuff, making me suspect is is brittle. We went the AutoExNT route suggested above but found a much simpler implementation: we use AutoExNT to run ssh-host-config at startup if the service isn't already running. AutoExNT's batch file checks the instance's user-data and, if desired, runs this bash script: if ! cygrunsrv -Q sshd; then ssh-host-config -y -c ntsec -w net start sshd fi As a matter of hygiene we don't run this script on our AMI source instances - in other words, our AMI source image lineage never has sshd turned on. Instead, the above script is only run on production instances that are launched from our rebundled AMIs but which are not themselves destined to be rebundled. To circle back, that's where checking user-data comes in - to decide whether or not to run ssh-host-config. However, I do believe the above solution works even if you're working off an AMI that itself had run ssh-host-config previously, but we don't do it as a matter of course. YMMV. That update_cygwin script does a lot of stuff, making me suspect is is brittle. We went the AutoExNT route suggested above but found a much simpler implementation: we use AutoExNT to run ssh-host-config at startup if the service isn’t already running. AutoExNT’s batch file checks the instance’s user-data and, if desired, runs this bash script:

if ! cygrunsrv -Q sshd; then
ssh-host-config -y -c ntsec -w
net start sshd
fi

As a matter of hygiene we don’t run this script on our AMI source instances – in other words, our AMI source image lineage never has sshd turned on. Instead, the above script is only run on production instances that are launched from our rebundled AMIs but which are not themselves destined to be rebundled.

To circle back, that’s where checking user-data comes in – to decide whether or not to run ssh-host-config. However, I do believe the above solution works even if you’re working off an AMI that itself had run ssh-host-config previously, but we don’t do it as a matter of course. YMMV.

]]> By: Eitan Burcat http://www.eburcat.com/2009/05/sshing-into-a-windows-server-on-amazons-ec2/comment-page-1/#comment-3443 Eitan Burcat Tue, 26 Jan 2010 12:16:11 +0000 http://www.eburcat.com/?p=274#comment-3443 Update: we decided to abandon SSHding into machines, we had too many problems with cygwin - probably it's still not ready for production in virtualized machines. Update 2: Instead of autoexnt we now use group policy to auto start applications on machine loading. Update 3: Bundling might not be that problematic anymore, with EBS machines. Update: we decided to abandon SSHding into machines, we had too many problems with cygwin – probably it’s still not ready for production in virtualized machines.
Update 2: Instead of autoexnt we now use group policy to auto start applications on machine loading.
Update 3: Bundling might not be that problematic anymore, with EBS machines.

]]> By: Shlomo http://www.eburcat.com/2009/05/sshing-into-a-windows-server-on-amazons-ec2/comment-page-1/#comment-1835 Shlomo Thu, 10 Sep 2009 09:07:46 +0000 http://www.eburcat.com/?p=274#comment-1835 Thanks for this writeup. Big help. I can't believe it requires so many manual steps (click, turn off IE warning, click again, turn off another IE warning, repeat ad nauseum) to be able to make an AMI that whose sshd works! Thanks for this writeup. Big help.

I can’t believe it requires so many manual steps (click, turn off IE warning, click again, turn off another IE warning, repeat ad nauseum) to be able to make an AMI that whose sshd works!

]]> By: Eitan Burcat http://www.eburcat.com/2009/05/sshing-into-a-windows-server-on-amazons-ec2/comment-page-1/#comment-1144 Eitan Burcat Fri, 10 Jul 2009 07:30:39 +0000 http://www.eburcat.com/?p=274#comment-1144 I use both of them as clients, what was challenging is to install an SSH server that could accept their connections on the EC2 machines... I use both of them as clients, what was challenging is to install an SSH server that could accept their connections on the EC2 machines…

]]> By: Roman http://www.eburcat.com/2009/05/sshing-into-a-windows-server-on-amazons-ec2/comment-page-1/#comment-1142 Roman Wed, 08 Jul 2009 21:54:03 +0000 http://www.eburcat.com/?p=274#comment-1142 Have you looked at PuTTY and WinSCP? Have you looked at PuTTY and WinSCP?

]]> By: sergio http://www.eburcat.com/2009/05/sshing-into-a-windows-server-on-amazons-ec2/comment-page-1/#comment-1096 sergio Fri, 19 Jun 2009 05:27:28 +0000 http://www.eburcat.com/?p=274#comment-1096 Looks like The Resource Kit is not supported on 64bit platforms. Any alternatives to AutoExNT ? Looks like The Resource Kit is not supported on 64bit platforms. Any alternatives to AutoExNT ?

]]> By: Eitan Burcat http://www.eburcat.com/2009/05/sshing-into-a-windows-server-on-amazons-ec2/comment-page-1/#comment-1081 Eitan Burcat Fri, 12 Jun 2009 11:06:37 +0000 http://www.eburcat.com/?p=274#comment-1081 :) :)

]]> By: Mike Darnell http://www.eburcat.com/2009/05/sshing-into-a-windows-server-on-amazons-ec2/comment-page-1/#comment-1052 Mike Darnell Sun, 31 May 2009 09:11:15 +0000 http://www.eburcat.com/?p=274#comment-1052 I spent some time yesterday SSHing my niece. She's eight months old and gets cranky if she doesn't get her nap time. Does the Green Party Meymad know you've associated their logo with your occult geekish texts? Cheers, Mike I spent some time yesterday SSHing my niece.
She’s eight months old and gets cranky if she doesn’t get her nap time.

Does the Green Party Meymad know you’ve associated their logo with your occult geekish texts?

Cheers,
Mike

]]>