{"id":4073,"date":"2024-04-25T17:44:26","date_gmt":"2024-04-25T17:44:26","guid":{"rendered":"https:\/\/www.gubatron.com\/blog\/?p=4073"},"modified":"2024-04-25T17:44:26","modified_gmt":"2024-04-25T17:44:26","slug":"remotely-code-signing-windows-apps-using-aws-virtual-servers-and-a-physical-usb-key","status":"publish","type":"post","link":"https:\/\/www.gubatron.com\/blog\/remotely-code-signing-windows-apps-using-aws-virtual-servers-and-a-physical-usb-key\/","title":{"rendered":"Remotely Code Signing Windows Apps Using AWS Virtual Servers and a Physical USB Key"},"content":{"rendered":"

As a developer, you may find yourself in a situation where you need to code sign your Windows applications using a physical USB signing key, but you don’t have direct access to a Windows machine. Fortunately, with the power of cloud computing and remote desktop technology, you can set up a remote Windows environment on AWS and securely use your USB signing key from anywhere.<\/p>\n

In this blog post, we’ll explore how to configure an AWS EC2 instance with Windows Server, connect to it using Remote Desktop Protocol (RDP), and redirect your local USB signing key to the remote machine for code signing purposes.<\/p>\n

Step 1: Launch an EC2 Instance on AWS<\/h2>\n

To get started, launch an EC2 instance on AWS and select an Amazon Machine Image (AMI) with Windows Server (2016, 2019, or 2022) that supports Remote Desktop Protocol (RDP). Choose an instance type that meets your performance requirements and configure the security group to allow inbound RDP access (port 3389) from your IP address or network.<\/p>\n

Step 2: Connect to the EC2 Instance using Remote Desktop<\/h2>\n

Once your EC2 instance is up and running, retrieve its public IP address or public DNS name from the AWS Management Console. Use an RDP client to connect to the instance using the provided credentials. On Windows, you can use the built-in Remote Desktop Connection client, while on macOS, you have options like Microsoft Remote Desktop (available on the Mac App Store) or open-source alternatives such as FreeRDP or CoRD.<\/p>\n

Step 3: Set up USB Redirection for Your Signing Key<\/h2>\n

\"\"To use your physical USB signing key on the remote Windows desktop, you need to enable USB redirection or device redirection in your RDP client settings before connecting to the instance. Ensure that your local machine and the remote EC2 instance are connected to the same network or VPN. Connect your USB signing key to your local machine.<\/p>\n

Step 4: Use the USB Signing Key on the Remote Windows Desktop<\/h2>\n

After successfully connecting to the remote Windows desktop, your USB signing key should be available as if it were physically connected to the EC2 instance. You can now use the signing key with your code signing tools or Visual Studio to sign your Windows apps remotely.<\/p>\n

It’s important to keep in mind that USB redirection performance may be affected by network latency and bandwidth, so ensure that you have a stable and fast connection between your local machine and the AWS EC2 instance.<\/p>\n

Security Considerations<\/h2>\n

When setting up a remote Windows desktop for code signing, it’s crucial to follow security best practices:
\n– Limit RDP access to specific IP addresses or use a VPN for enhanced security.
\n– Use strong passwords or key pairs for authentication to prevent unauthorized access.
\n– Keep your EC2 instance and Windows operating system up to date with the latest security patches.
\n– Properly secure your USB signing key and protect it from unauthorized access.<\/p>\n

By following this approach, you can leverage the flexibility and scalability of AWS to set up a remote Windows environment and securely use your physical USB signing key for code signing, regardless of your local operating system.<\/p>\n

Happy code signing!<\/p>\n","protected":false},"excerpt":{"rendered":"

As a developer, you may find yourself in a situation where you need to code sign your Windows applications using a physical USB signing key, but you don’t have direct access to a Windows machine. Fortunately, with the power of cloud computing and remote desktop technology, you can set up a remote Windows environment on […]<\/p>\n","protected":false},"author":1,"featured_media":4076,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[1],"tags":[],"class_list":["post-4073","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2024\/04\/GMBy5ZwWIAAnizc.jpeg?fit=1024%2C1024&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p5Unzf-13H","jetpack-related-posts":[{"id":3543,"url":"https:\/\/www.gubatron.com\/blog\/tutorial-how-to-pause-an-aws-elastic-beanstalk-environment-using-the-dashboard\/","url_meta":{"origin":4073,"position":0},"title":"[TUTORIAL] HOW TO PAUSE AN AWS ELASTIC BEANSTALK ENVIRONMENT USING THE DASHBOARD","author":"gubatron","date":"June 23, 2016","format":false,"excerpt":"So you have set up a test elastic beanstalk environment because you don't want to put at risk your production elastic bean. You don't want to pay for the time you're not using it, and there's no freaking \"Pause Environment\" option. all you can do is \"Terminate Environment\"? but then\u2026","rel":"","context":"In "Code"","block_context":{"text":"Code","link":"https:\/\/www.gubatron.com\/blog\/category\/code\/"},"img":{"alt_text":"aws-elasticbean-no-pause-option","src":"https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2016\/06\/Screen-Shot-2016-06-23-at-1.54.48-PM-219x300.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":3213,"url":"https:\/\/www.gubatron.com\/blog\/aws-troubleshooting-how-to-fix-a-broken-ebs-volume-bad-superblock-on-xfs\/","url_meta":{"origin":4073,"position":1},"title":"AWS troubleshooting: how to fix a broken EBS volume (bad superblock on xfs)","author":"gubatron","date":"January 19, 2014","format":false,"excerpt":"As great as EBS volumes are on Amazon Web Services, they can break and not ever mount again, even though your data could still be there intact, a simple corruption on the filesystem structure can cause a lot of damage. On this post I teach you how to move all\u2026","rel":"","context":"In "Geeklife"","block_context":{"text":"Geeklife","link":"https:\/\/www.gubatron.com\/blog\/category\/geeklife\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2014\/01\/car-longshot2.jpg?fit=720%2C482&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2014\/01\/car-longshot2.jpg?fit=720%2C482&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2014\/01\/car-longshot2.jpg?fit=720%2C482&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2014\/01\/car-longshot2.jpg?fit=720%2C482&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":3127,"url":"https:\/\/www.gubatron.com\/blog\/cant-ssh-to-ec2-ubuntu-instance-etcfstab-breaks-bootup-due-to-missing-ebs-volume-solved\/","url_meta":{"origin":4073,"position":2},"title":"can’t ssh to ec2 ubuntu instance, \/etc\/fstab breaks bootup due to missing ebs volume [SOLVED]","author":"gubatron","date":"August 21, 2013","format":false,"excerpt":"So the \/etc\/fstab file on your root volume looked like this LABEL=cloudimg-rootfs \/ ext4 defaults 0 0 \/dev\/xvdf \/mnt\/backups auto defaults,comment=cloudconfig 0 2 by mistake you deleted the ebs volume that you had mounted on \/mnt\/backups (or whatever folder) and you restarted your ubuntu instance not knowing that if the\u2026","rel":"","context":"In "Code"","block_context":{"text":"Code","link":"https:\/\/www.gubatron.com\/blog\/category\/code\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3977,"url":"https:\/\/www.gubatron.com\/blog\/how-to-resize-aws-ec2-ebs-root-partition-without-rebooting-in-3-steps\/","url_meta":{"origin":4073,"position":3},"title":"How to resize AWS ec2 ebs root partition without rebooting in 3 steps","author":"gubatron","date":"September 14, 2022","format":false,"excerpt":"Go to the AWS EBS dashboard and modify the volume size. Might be good to create a snapshot of it for safety but haven't really failed ever doing this. # 1. Check the device of your partition $ sudo lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS loop0 7:0 0\u2026","rel":"","context":"In "Code"","block_context":{"text":"Code","link":"https:\/\/www.gubatron.com\/blog\/category\/code\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2022\/09\/xai-tmp-imgen-db8aab31-34e5-4be7-b882-a7e87a2836f9.jpg?fit=1091%2C655&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2022\/09\/xai-tmp-imgen-db8aab31-34e5-4be7-b882-a7e87a2836f9.jpg?fit=1091%2C655&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2022\/09\/xai-tmp-imgen-db8aab31-34e5-4be7-b882-a7e87a2836f9.jpg?fit=1091%2C655&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2022\/09\/xai-tmp-imgen-db8aab31-34e5-4be7-b882-a7e87a2836f9.jpg?fit=1091%2C655&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2022\/09\/xai-tmp-imgen-db8aab31-34e5-4be7-b882-a7e87a2836f9.jpg?fit=1091%2C655&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":2734,"url":"https:\/\/www.gubatron.com\/blog\/sample-etcfstab-entry-for-ebs-volume\/","url_meta":{"origin":4073,"position":4},"title":"Sample \/etc\/fstab entry for EBS volume","author":"gubatron","date":"May 23, 2012","format":false,"excerpt":"gid= and uid= are not valid for XFS, pass \"grpid=\" to your fstab entry. \/dev\/xvdf \/media\/ebs\/data xfs defaults,auto,noatime,noexec,grpid=1000 0 0","rel":"","context":"In \"aws\"","block_context":{"text":"aws","link":"https:\/\/www.gubatron.com\/blog\/tag\/aws\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3453,"url":"https:\/\/www.gubatron.com\/blog\/command-line-speed-test-see-how-fast-is-your-servers-connection\/","url_meta":{"origin":4073,"position":5},"title":"command line speed test, see how fast is your server’s connection","author":"gubatron","date":"January 6, 2016","format":false,"excerpt":"Save the following script in a file called speed_test #!\/bin\/bash # Requirements # sudo apt-get install lftp iperf lftp -e 'pget http:\/\/releases.ubuntu.com\/14.04.3\/ubuntu-14.04.3-desktop-amd64.iso; exit; ' make sure the file is executable: sudo chmod +x speed_test Once you have installed lftp and iperf make sure you have the script somewhere in your\u2026","rel":"","context":"In "Code"","block_context":{"text":"Code","link":"https:\/\/www.gubatron.com\/blog\/category\/code\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2016\/01\/Fiber-optics.jpg?fit=892%2C538&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2016\/01\/Fiber-optics.jpg?fit=892%2C538&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2016\/01\/Fiber-optics.jpg?fit=892%2C538&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.gubatron.com\/blog\/wp-content\/uploads\/2016\/01\/Fiber-optics.jpg?fit=892%2C538&ssl=1&resize=700%2C400 2x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.gubatron.com\/blog\/wp-json\/wp\/v2\/posts\/4073","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gubatron.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.gubatron.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.gubatron.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.gubatron.com\/blog\/wp-json\/wp\/v2\/comments?post=4073"}],"version-history":[{"count":2,"href":"https:\/\/www.gubatron.com\/blog\/wp-json\/wp\/v2\/posts\/4073\/revisions"}],"predecessor-version":[{"id":4077,"href":"https:\/\/www.gubatron.com\/blog\/wp-json\/wp\/v2\/posts\/4073\/revisions\/4077"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.gubatron.com\/blog\/wp-json\/wp\/v2\/media\/4076"}],"wp:attachment":[{"href":"https:\/\/www.gubatron.com\/blog\/wp-json\/wp\/v2\/media?parent=4073"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.gubatron.com\/blog\/wp-json\/wp\/v2\/categories?post=4073"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gubatron.com\/blog\/wp-json\/wp\/v2\/tags?post=4073"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}