How to establish a secure connection to a Windows VPS using SSH and VMWare?

First we need to understand the terms VPS, SSH and VMWare.

VPS is virtual dedicated hosting, which enables many websites to be located on the same server by creating partitions in the server and giving each of those websites a secure and undisturbed environment which is unaffected by the workings of another website on the same server. This means that even though one website on the same server host is facing problems, others will not. It is cost effective and much more secure than shared hosting.

SSH stands for secure shell environment. SSH is a protocol that is used when there is a need to transfer data securely over networks that are open and insecure networks. This is used to establish a secure connection and also to encrypt all the data that is transferred from a client to a server and vice versa.

VMWare slices up the hosting company’s server into several entirely separate servers virtually, which run on a single base operating system. These virtual slices or machines run completely independently and function as separate entities. Should one virtual entity experience a problem or crash, others are not affected? Each of these entities has its own disk space, operating system, network space and its own memory.

Today most web hosting companies allow you to lease your own Windows 2003 Virtual Private Server (VPS). This is definitely a good deal since you get your own dedicated server for a fraction of what you would pay for an actual server. However, the Virtuosso system has certain drawbacks. It is not a “true” virtual machine,. Some corners have been cut to make this cost effective. The drawbacks are that Windows does not recognize the SWSoft network adapter as a true network adapter. Hence you are not able to configure VPN with Networking and Remote Access, another difficulty is that you cannot install any third party software like Hamachi or OpenVPN.

The good news is that you can work around these disadvantages and establish a secure connection that works like a VPN connection from your Windows computer.

Your first step would be to log in to your VPS. You will be doing this via Remote Desktop over the internet. Once you are logged in, look for and download the free copSSH server and install it.

The next step is to open the firewall on the VPS to and take in incoming requests to the cpSSH. Since the cpSSH accesses the port 22, it’s the default configuration, switch the port for security reasons.

Using certificates configure the port that you will use to connect to cpSSH. You can use self sign certification at the root CA. If you find this too complex and difficult, configure it to a username and password kind of authentication. It is slightly less secured but good enough.

Install VMWare Server Software. It is free and you have the option of using 1.0 or 2.0 versions, both are available.

Now you need to create a virtual machine using 256MB RAM and about 8MB disk space. It is recommended that you use a NAT network adapted. Install the basic copy of Windows Web (2003 or XP, or even 2000) into this VM and turn of all service to the workstation and server. In short disable the communication over TCP/IP. You do not need the VM to communicate with any port that you want to tunnel to the VPS.

Now log into the new VM and download and install BitVise Tunnelier, a free SSH client. Configure it to connect with cpSSH server on the VPS.

Configure your VM to server forwarding through your tunnel, determine the IP address of your VM. Now setup your C2S forwarding.

This is the basic and simplest way to establish a secure connection to Windows VPS using SSH and VMWare.

Often this is too complicated for non-technical people and many of the steps involve technical know how. Basically you are setting up a VPN and for that you need to set up a router, configuring ports and also configuring your client or the new VM you are setting up.

You can set up this entire thing in a simple manner, without third party software using the software suite included in Windows XP, Vista and Windows Server Editions. Alternatively you can get a computer software engineer set up the entire routing through a control computer and also set up the IP addresses for each VM. This control computer will then serve as your VPN server which can then be monitored separately.