Best way to access a server desktop running on Amazon

Question

I'm planning to move a Windows 2012 R2 ftp/webserver to Amazon. I'm confronted with the best way access the desktop remotely while keeping it secure.

Two options I've come up with so far are:

1. Teamviewer - but I understand that if there is no active RDP session teamviewer won't work, is that correct?
2. Windows Remote Desktop Protocol (RDP)

Are there any vulnerabilities for either option? Any other suggestions to access the desktop remotely (from my mobile phone)? I would like to avoid settings another instance in Amazon on the private cloud just to access this webserver (sounds like a waste really).

Answer 1

IMHO the best and secure way without any 3rd party solutions is to install cygwin on remote server and set up there SSH service

This way you can connect to your server over SSH using public key authentication (which rise your security to a maximum level) with help of putty (or its better incarnation KiTTY). In PuTTY's setting: Connection\SSH\Tunnels set source port to say 33890 and destination: localhost:3389, choose radio button "Local".

From now when you connected to your server over SSH your local machine will listen on port 33890 and bypass RDP connection over secure channel to remote server. (Use address of remote server in RDP connection as "localhost:33890")

This way if you don't need graphic user interface of Windows you can do anything from putty console (use any command line utilities) or if you need full featured RDP access just connect to your server over Remote Desktop connection by using "localhost:33890" as an address of remote server.

P.S. If you'll decide to use my solutions, change default SSH port 22 to something else to avoid useless crackers scanning. Not critical if you use public key authentication, but just reduce network loading on server. Second disable password authentication and allow only public key authentication, it will secure access to your box significantly.