I like to spend time at the beach. If I'm paged and need to perform work on a server, I don't necessarily need to travel to my office to complete the work. As long as I have a relatively strong wireless signal or my Windows Mobile 5.0 smartphone (with Windows Media Connect) tethered to my laptop, I can securely administer a server through my organization’s firewall, which lets only Secure Shell (SSH) traffic and Secure Sockets Layer (SSL) traffic through, on TCP port 22 and TCP port 443, respectively.
I use a tool known as PuTTY. This free SSH client lets me create an SSH tunnel in which I set a local port (pick any unused number, say 1234) on my Windows XP workstation to route traffic to port 3389 on the machine running Windows Server 2003 or even Windows XP SP2. Once I've connected to a UNIX/Linux server within my organization, I can start up RDP (on my XP laptop) or type mstsc at a command prompt, then enter localhost:1234. I then get an SSH-encrypted tunnel that lets RDP traffic flow through. (Note that you need a user account with remote logon privileges on the server or XP workstation for this to work.)
This, in a nutshell, is how I can securely (via SSH) perform any type of system administration on Windows servers or workstations while enjoying a sunny day at the beach!
—Josh Kunken
