But if you want to read about the journey to get here, and more details on how to use these new commands, read on. This is quite a few manual steps and, as with Linux SSH, involves opening up ports which you wouldn't normally want the Internet to be able to see. Let's see what's in our toolkit to automate and secure this. The process here is quite interesting. On Linux instances, the key data is simply dropped into the instance's SSH configuration. On Windows instances, something different happens.
When the instance boots, a special EC2 "first boot" task is run which generates a random password for the Administrator user. It then fetches the SSH public key for the instance - but instead of using it for an SSH purpose, it simply treats it as a generic RSA public key, and uses it to encrypt a copy of the Administrator password. This encrypted blob of data is then sent back to the EC2 control plane.
Again, this is treated as a simple RSA private key, and EC2 uses it to decrypt the encrypted blob of data and provide you with the cleartext password.
RSA is a standard and well-known cryptosystem, with multiple implementations, so it's entirely possible to repeat these steps in another system that we can automate. This is implemented in the Get-EC2Password command. Like the rest of these new commands, the PrivateKeyFile argument is optional. Also optional is a Region argument - omitting it will use the default region configured in your environment variables or AWS configuration files.
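The round trip described above, as an added example that is not the page's Get-EC2Password and does not call AWS: a stand-in key pair encrypts a constructed password the way the first-boot task does, and a hypothetical helper `Unprotect-PasswordBlob` recovers it. It assumes PowerShell 7 and that the blob is base64 text wrapping one RSA block with PKCS#1 v1.5 padding.

```powershell
# Added example; every value is constructed and nothing here calls AWS.
function Unprotect-PasswordBlob {            # hypothetical helper, not Get-EC2Password
    param(
        [Parameter(Mandatory)] [string] $PasswordData,   # base64 text, as returned for the instance
        [Parameter(Mandatory)] [System.Security.Cryptography.RSA] $PrivateKey
    )
    $cipher = [Convert]::FromBase64String($PasswordData.Trim())
    $block  = $PrivateKey.KeySize / 8
    # The blob is a single RSA block; any other length means a wrong key size or truncated data.
    if ($cipher.Length -ne $block) {
        throw "Blob is $($cipher.Length) bytes, expected $block for a $($PrivateKey.KeySize)-bit key"
    }
    try {
        $plain = $PrivateKey.Decrypt($cipher, [System.Security.Cryptography.RSAEncryptionPadding]::Pkcs1)
    } catch {
        throw 'Decryption failed: wrong key pair for this instance, or a corrupted blob'
    }
    [System.Text.Encoding]::UTF8.GetString($plain)
}

# Stand-in for the EC2 key pair. With a real key file on PowerShell 7.1+:
#   $keyPair = [System.Security.Cryptography.RSA]::Create()
#   $keyPair.ImportFromPem((Get-Content -Raw $PrivateKeyFile))
$keyPair = [System.Security.Cryptography.RSA]::Create(2048)

# What the first-boot task does: it only ever sees the public half.
$publicOnly = [System.Security.Cryptography.RSA]::Create()
$publicOnly.ImportParameters($keyPair.ExportParameters($false))
$generated  = 'Constructed-Passw0rd-For-Demo'
$blob = [Convert]::ToBase64String(
    $publicOnly.Encrypt([System.Text.Encoding]::UTF8.GetBytes($generated),
                        [System.Security.Cryptography.RSAEncryptionPadding]::Pkcs1))

# What the retrieving side does with the private half.
$recovered = Unprotect-PasswordBlob -PasswordData $blob -PrivateKey $keyPair
"Recovered matches generated: $($recovered -eq $generated)"

# A different key pair must not yield a password.
$otherPair = [System.Security.Cryptography.RSA]::Create(2048)
try   { Unprotect-PasswordBlob -PasswordData $blob -PrivateKey $otherPair | Out-Null }
catch { "Other key pair rejected: $($_.Exception.Message)" }
```

Doing the decryption locally like this means the private key file never has to leave the machine that holds it.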
Having got the credentials we need to log in, we need to pass those into the Remote Desktop client somehow. The Remote Desktop client is actually mstsc. The solution turns out to be something called cmdkey.

Choose Services, then EC2.
In the sidebar, click Instances.
4. Click Launch Instance.
5. Scroll down and choose Microsoft Windows Server Base.
6. Launch with minimal configuration
7. Key pair to access the instance
If you choose Choose an existing key pair, you need to select a key pair and tick the checkbox to acknowledge the use of the key pair.
8. Click the generated Instance ID.
9. Obtaining the username and password
You may encounter Password not available and you'll need to wait a couple of minutes.
After uploading the key pair, click Decrypt Password.