
Bastionhost: Perform SSH-based O&M

Last Updated: Jan 12, 2024

This topic describes how to use a local SSH client tool to log on to a bastion host and access a host on which you want to perform O&M operations. Xshell is used as an example.

Prerequisites

  • An O&M tool that supports SSH, such as Xshell, SecureCRT, or PuTTY, is installed on your local host.

  • The O&M addresses of the bastion host are obtained. You can obtain the O&M addresses in the Bastion Host Information section on the Overview page of the console of the bastion host. For more information, see Log on to the console of a bastion host.

    Note

    Bastionhost provides fixed O&M addresses and supports dynamic O&M IP addresses to ensure security. The IP address to which the private O&M address of a bastion host is resolved may change. We recommend that you connect by using an O&M address instead of the IP address to which it resolves. This prevents O&M connections from failing when the IP address changes.

  • If you want to log on to the bastion host by using the public key of a user, the public key is hosted on the bastion host. For more information, see Host the public key of a user.

Log on to a bastion host by using a password

  1. Start Xshell. Click the New icon on the File menu. In the Properties of New Session dialog box, click Connection in the left-side navigation pane and enter an O&M address and an SSH port number in the General section.

    The SSH port number is 60022 by default.

  2. In the left-side navigation pane, choose Connection > Authentication, enter the username and password that are used to log on to the bastion host, and then click OK.

  3. Optional: If multi-factor authentication (MFA) is enabled for a RAM user, enter the verification code that you obtained from the bound MFA device (the Alibaba Cloud app) in the Two-Step Verification dialog box and click OK.

  4. On the asset management page, select the host on which you want to perform O&M operations by pressing the upward or downward arrow key, and press Enter to access the host for O&M.

Log on to a bastion host by using the public key of a user

  1. Start Xshell. Click the New icon on the File menu. In the Properties of New Session dialog box that appears, click Connection in the left-side navigation pane and enter an O&M address and an SSH port number in the General section.

    The SSH port number is 60022 by default.

  2. In the left-side navigation pane, choose Connection > Authentication and set Method to Public Key.

  3. Click Setup. In the Setup Public Key dialog box, upload the private key file that matches the public key hosted on the bastion host and click OK.

  4. Optional: If MFA is enabled for a RAM user, enter the verification code that you obtained from the bound MFA device (the Alibaba Cloud app) in the Two-Step Verification dialog box and click OK.

  5. On the asset management page that appears, select the host on which you want to perform O&M operations by pressing the upward or downward arrow key, and press Enter to access the host for O&M.

    You can use one of the following methods to search for specific assets:

    • Enter /Keyword. The search results are highlighted.

    • Use the search feature provided by Bastionhost to filter specific assets by keyword.

      For example, to filter assets by the keyword key, click [Search] to go to the [Search] page. Then, enter ls Key and press Enter. The assets that match the filter condition key are automatically displayed.

      Note

      For more information about the [Search] command, enter help or help ls.
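
For readers who use the OpenSSH command-line client as the SSH tool instead of Xshell, the following client configuration mirrors the public key procedure above. It is an added example, not part of the Bastionhost documentation; the alias bastion, the placeholders OM_ADDRESS_FROM_CONSOLE and BASTION_USERNAME, the key path, and every option other than the address and port are assumptions.

```sshconfig
# ~/.ssh/config  (added example, not from the Bastionhost documentation)
# Replace the placeholders OM_ADDRESS_FROM_CONSOLE and BASTION_USERNAME
# and the key path with your own values. The alias "bastion" is hypothetical.

Host bastion
    # Use the O&M address (a DNS name) shown on the Overview page of the
    # console, not the IP address it currently resolves to: per the note
    # in the prerequisites, that IP address may change.
    HostName OM_ADDRESS_FROM_CONSOLE

    # Default Bastionhost SSH port stated on this page.
    Port 60022
    User BASTION_USERNAME

    # Private key that matches the public key hosted on the bastion host.
    IdentityFile ~/.ssh/id_bastion
    # Offer only this key instead of every key loaded in the local agent.
    IdentitiesOnly yes

    # Refuse to connect when the host key is unknown or has changed.
    # Add the verified host key to known_hosts before the first
    # connection, or use "ask" for that first connection only.
    StrictHostKeyChecking yes

    # Store the host key under a stable name and skip the per-IP check,
    # so a changed IP address behind the O&M address does not produce
    # host key warnings while a changed key still blocks the login.
    HostKeyAlias bastion
    CheckHostIP no

    # Keep the local SSH agent unavailable to the bastion host.
    ForwardAgent no
```

With this stanza in place, `ssh bastion` connects to the O&M address on port 60022 by using the configured key.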