Blog

The following Linux procedure describes how to use at the same time 2 network interfaces connected to the same AWS subnet and, which is more important, how to make both communication works well internally (between hosts on the same subnet) and also externally (both interfaces visible from the Internet). This can be useful for example when you want the same EC2 instance to host a web server serving http or https requests and at the same time have a websockets server ws:// or wss:// listening on the same port 80 or 443 respectively. Although there are other ways to achieve this such as configuring Nginx to be able to discriminate web traffic (http) from websockets traffic (ws) and act as a proxy to redirect the corresponding requests to the websockets server, this other solution I propose seems simpler and to some extent more efficient because it is not necessary to redirect traffic, which will always introduce a small latency, and allows to keep both servers completely independent within the same host. The only drawback is that you will need to assign 2 Elastic IP addresses to the same EC2 instance instead of only 1, but at the same time this will give you more flexibility when establishing rules in the security groups or in the subnet NAT rules.

Many corporate and heterogeneous networks use the rsync protocol to perform server backups or to keep files synchronized automatically from one or more directories on different machines. Linux natively incorporates the rsync utility and other associated tools, but what do you do when you need to backup Windows folders automatically from a NAS or a remote machine? One option could be to use Samba to read the contents of those folders from Linux, but it would be a fairly complex solution, because it would force us to configure Samba on the server side, set the various permissions and configuration options in Windows and place both machines on the same local network or configure complex rules on our firewall to allow SMB/CIFS traffic. And yet, the file transfer through the network would not be safe, because it would be made text clear with no encryption.

Neither version of Windows, either Windows XP, Windows 7, or 8 or more modern versions such as Windows Server 2008 or Windows 2012, provides an SSH server to use a standard way to access from other machines with different operating system and be able to run console commands, copy files, forward ports or automate logins by using public/private keys. The Microsoft alternative to this is WinRM / Powershell, but many are the chances that we will need to find a standard and compatible way to access to other systems, and what better way to do this than using the widespread and well-known SSH protocol to get into our Windows machines securely.