Access the Gateway Connector using OpenSSH

Note: OpenSSH is enabled in the AWS Gateway Connector AMI by default. Do not complete this task if you are installing the connector to your AWS environment. See Configure your firewall for the Gateway Connector to continue with the Gateway Connector setup.
OpenSSH is preinstalled on the connector image and allows you to access the Gateway Connector and perform system operations and maintenance using the SSH protocol. By default, the OpenSSH service is disabled. You must enable the OpenSSH service and generate the host keys each time that you access a Gateway Connector instance using OpenSSH. In Microsoft Entra ID environments, incoming TCP traffic must be allowed.
Verify that port 22 (SSH), port 80 (HTTP), and port 443 (HTTPS) are open and that the security group has access to the Gateway Connector from the network that the enrollment is being connected from.
  1. Do one of the following to open the console in your environment.

    Environment

    Description

    vSphere
    1. Log in to your environment.
    2. Click the host name of the Gateway Connector.
    3. Click Launch Remote Console or Launch Web Console.

    ESXi
    1. Log in to your environment.
    2. Click the host name of the Gateway Connector.
    3. Click Console.

    Microsoft Entra ID
    1. Sign in to the Microsoft Entra ID management portal at https://portal.azure.com.
    2. Click Virtual machines.
    3. Click the connector that you created in Install the Gateway Connector to a Microsoft Entra ID environment, step 5.
    4. In the left menu, in the Support + troubleshooting section, click Serial console.
    5. In the left column, click Boot diagnostics.
    6. Click the Settings tab.
    7. Select Enable with custom storage account.
    8. In the Diagnostics storage account, drop-down list, select the storage account that you created in Install the Gateway Connector to a Microsoft Entra ID environment, step 3.
    9. Click Save.
    10. On the connector screen, in the left menu, in the Support + troubleshooting section, click Serial console.

    Hyper-V
    1. Open the Hyper-V Manager.
    2. Right-click the connector that you want to access > Connect.
  2. At the UNIX prompt, type the administrator username and press Enter. The default username is admin.
  3. Type the administrator password. The default password is admin.
  4. Generate the host keys for the OpenSSH service. Type sudo dpkg-reconfigure openssh-server. Press Enter.
  5. If you are prompted, enter the administrator password.
  6. Enable the OpenSSH service. Type sudo systemctl --system enable ssh. Press Enter.
    Note: This command does not start the service.
  7. Start the OpenSSH service. Type sudo systemctl --system start ssh. Press Enter.
  8. You can complete any of the following actions (optional):

    Task

    Steps

    Disable the OpenSSH service from starting during the system startup.

    Type sudo systemctl --system disable ssh. This command does not stop the service.

    Stop the OpenSSH service.

    Type sudo systemctl --system stop ssh. Press Enter.

    Verify if the OpenSSH service is enabled.

    Type sudo systemctl --system is-enabled ssh.

    Verify if the OpenSSH service is running.

    Type sudo systemctl --system is-active ssh.

    Obtain the status of the OpenSSH service

    Type sudo systemctl --system status ssh.
  9. Exit the console.
  10. Optionally, in a Microsoft Entra ID environment, you can disable the Boot diagnostics settings for the connector VM that you configured in step 1.