In my attempt to make Hudson EC2 plugin (which I blogged earlier) work with Windows AMIs, I wrote a little SSH daemon.

Here's the problem statement. Windows AMIs on EC2 do not have any built-in programmable remote access technology. This is a really poor packaging job of Amazon — their documentation talks about doing the remote desktop protocol (RDP) to talk to the server. This obviously prevents programs like Hudson to talk to the launched Windows instances.

The program I wrote is an SSH daemon, in the sense that it speaks SSH protocol, but at the same time, it's not a real SSH daemon. It's packaged specifically for EC2 use cases.

For example, it's not capable of launching a process in a different user account. Regardless of the user name that you provided to the authentication, the daemon will always create a new process with the same user that the daemon itself runs. It also only accepts a public key authentication, and you must provide a key you used to launch the EC2 instance. This is the most critical part of this daemon, which makes sure that only the authorized users can access the instance.

The daemon implements SCP and process execution part of SSH, so you can copy files both ways, and start arbitrary proceses on the server (and connect stdin/out/err to SSH client.) OTOH, Windows don't have the terminal in the same way Unix does, so launching a shell wouldn't really work.

For more about the project, see the project website.