Setup and Configure Azure Bastion to Securely connect to Azure Virtual Machines

Last week, Microsoft Azure Team has calmly announced the preview release of one of the exciting features known as Azure Bastion. The concept of using an Bastion Host is nothing new, where one would configure one of the Virtual Machines as Bastion or HopBox and then connect to other private virtual machines configured in the virtual network. This would help providing some security as instead of securely managing all of the virtual machines in an given network, you would need to securely connect and manage only Bastion Host, which is having Public IP address assigned for the connections. However, the onus of configuring all the required networking setup, installing and configuring ssh and rdp protocols, timely patching and hardening of the Bastion Host still lies with the Azure/AWS Administrator. Continue reading “Setup and Configure Azure Bastion to Securely connect to Azure Virtual Machines”

Become root user on Linux servers in Azure

root is the user name or account that by default has access to all commands and files on a Linux or other Unix-like operating system. It is also referred to as the root account, root user and the superuser. The root account is the most privileged on the system and has absolute power over it (i.e., complete access to all files and commands). Among root’s powers are the ability to modify the system in any way desired and to grant and revoke access permissions (i.e., the ability to read, modify and execute specific files and directories) for other users, including any of those that are by default reserved for root.

It is therefore, many times, you need to login as root in order to perform certain administrative actions. Continue reading “Become root user on Linux servers in Azure”

Creating an user account named administrator in Azure VM

We all know that while creating a virtual machine in Microsoft Azure (whether in classic or resource manager portal), it won’t allow to create an administrative user account named as ‘administrator’ at the time of provisioning. Not that its a good practice anyway and security pro’s have been advising to not create it from a long time. However some old legacy applications might not work if it does not exist. So once the virtual machine is provisioned, you can go ahead and create it fine using local users and groups console (or you can use shortcut lusrmgr.msc).  …Continue Reading

Enable PowerShell remoting on Azure RM virtual machines

PowerShell remoting is useful to manage virtual machines using PowerShell. When you create a virtual machine in the classic azure model, a winrm endpoint is automatically configured and can be used to manage virtual machines. You’ll just need to import ssl on your local machine and connect to the remoting session. However, same is not created if you create a virtual machine in the resource manager model. So if you try to connect using PowerShell remoting for azure rm vm, you’ll see …Continue Reading