How to SSH to an Azure Instance

So you have created a Linux server on Azure for yourself, so how do you SSH directly onto your new server? It may sound like such a simple thing to do, but believe me there are a lot of things that can cause you issues when trying to SSH.

To get SSH to work properly. You must have the following in place:

• An Active Azure Subscription:
  Needless to say, you need an active Azure subscription and the necessary permissions to manage virtual machines.
  
• Deployed Azure VM:
  You should have already deployed an Azure virtual machine running within your Azure subscription.
  
• SSH Client:
  Install an SSH client on your local machine. Popular choices include PuTTY (Windows), OpenSSH (Linux/macOS), or the Azure Cloud Shell (browser-based).
  
• Network Connectivity:
  Verify that your local machine has network connectivity to reach the Azure virtual machine. This is more complicated than it sounds. The easiest option is to have a public IP (however this is not the most secure). If you are on a business network, its likely you will access Azure over a VPN or an Express Link. If this is the case you will need access via the VPN endpoints. Contact your local network administrator if you are experiencing issues.

SSH to Azure Procedure:

Step 1 – Retrieve Your IP address

Access Azure and get your instance IP address.

• Navigate to the Azure Portal (https://portal.azure.com/).
• Locate and select your Azure virtual machine.
• Within the VM’s overview page, find and copy the Public IP Address.

If your Azure VM doesn’t have a public IP address, you’ll need to utilize an alternative method to establish an SSH connection. Here are the common approaches:

1. Azure Bastion:

• This is the most secure and recommended approach. Azure Bastion provides a fully managed PaaS service that allows you to connect to your Azure VMs over SSH and RDP directly from the Azure portal, without the need for a public IP address on the VM itself.  
  
  Azure Bastion – Fully Managed RDP/SSH azure.microsoft.com

2. Point-to-Site VPN:

• Set up a Point-to-Site VPN connection to your Azure virtual network. This creates a secure tunnel from your local machine to the virtual network, allowing you to access private IP addresses of VMs within the network, including the one you want to SSH into.  
  
  About Azure Point-to-Site VPN connections – Azure VPN Gateway | Microsoft Learn learn.microsoft.com

3. ExpressRoute or Site-to-Site VPN:

• If you have an on-premises network connected to Azure via ExpressRoute or Site-to-Site VPN, you can access your Azure VM using its private IP address through this established connection.  
  
  Site-to-Site VPN connections over ExpressRoute private peering – Azure VPN Gateway learn.microsoft.com

Step 2 – Use an SSH Client to establish an SSH Connection

For Linux/macOS/Azure Cloud Shell:

• Launch your preferred SSH
• Open a terminal window.
• Execute the following command, replacing <public-ip-address> with the actual public IP address of your VM and <username> with the appropriate username for your VM (often ‘azureuser’):

ssh <username>@<public-ip-address>

• If prompted, provide the password associated with the specified username on your Azure VM.
  (Recommended) If you have set up SSH key-based authentication, your SSH client should automatically handle authentication using your private key.

For Windows use PuTTY:

• Download and Install Putty
• Open Putty and in the host field type

 <username>@<public-ip-address>

• If prompted, provide the password associated with the specified username on your Azure VM.
  (Recommended) If you have set up SSH key-based authentication, your SSH client should automatically handle authentication using your private key.

• Access Granted:
  Upon successful authentication, you will be presented with a command-line interface within your Azure virtual machine. You can now execute commands and manage your VM remotely.

Important Considerations:

• Network Security Group (NSG): Ensure that your VM’s Network Security Group allows inbound traffic on port 22 (SSH).
• SSH Key-Based Authentication: It is strongly recommended to set up SSH key-based authentication for enhanced security.
• Azure Bastion: For a more secure and managed way to connect to your Azure VMs over SSH, consider using Azure Bastion.