how to connect with a windows vm using ssh and entra id?

Question

We managed to set up a local account on the Windows VM and connect with it using SSH by following the guidance on https://learn.microsoft.com/en-us/azure/virtual-machines/windows/connect-ssh?tabs=azurecli

We would like to use Entra ID accounts. Through RDP this is working; using the guidance https://learn.microsoft.com/en-us/entra/identity/devices/howto-vm-sign-in-azure-ad-windows

On Linux VMs there is guidance how to log in though SSH using Entra ID accounts: https://learn.microsoft.com/en-us/entra/identity/devices/howto-vm-sign-in-azure-ad-linux

Is it possible to log in through SSH on Windows VMs using Entra ID accounts?

When we run

az ssh vm --local-user azuread******@mydomain.com --subscription mysubscription -g mygroup -n myvm --private-key-file C:\users\someuser.ssh\id_rsa

We get a connection reset error.

Answer 1

Hi carlintveld,
Thank you for reaching out to us on the Microsoft Q&A forum.

Could you please share the error details along with a screenshot so that we can assist you further.
Are you able to see the AADLoginForWindows extension on your VM

If the extension is not visible, please try installing it using the following CLI command, replacing <YourResourceGroup> and <YourVMName> with your actual resource group and VM name:

az vm extension set --publisher Microsoft.Azure.ActiveDirectory --name AADLoginForWindows --resource-group myResourceGroup --vm-name myVM 

Please find the below document for information:
https://learn.microsoft.com/en-us/entra/identity/devices/howto-vm-sign-in-azure-ad-windows#azure-cloud-shell

If the information is helpful, please consider by clicking the "Accept answer and Upvote" on the post.
If you have any further queries, please let us know in the comment. We are glad to help you.