All Products
Search
Document Center

Bastionhost:Perform SFTP-based O&M

Last Updated:Aug 01, 2023

This topic describes how to use an SFTP client tool on your computer to log on to a bastion host and access a host for which you want to perform O&M operations. SecureFX is used as an example.

Prerequisites

  • An O&M tool that supports SFTP, such as SecureFX, is installed on your computer.

  • The O&M addresses of the bastion host are obtained. You can obtain the O&M addresses in the Bastion Host Information section of the Overview page in the console of the bastion host. For more information, see Overview page. Overview

    Note

    Bastionhost provides fixed O&M addresses and supports dynamic O&M IP addresses to implement disaster recovery. The IP address to which the private O&M address of a bastion host is resolved may change. We recommend that you perform O&M operations by using an O&M address. This helps prevent unavailable O&M due to the IP address change.

Procedure

  1. Start SecureFX.

  2. Click Connect in the upper-left corner. In the Connect dialog box, click the 加号图标 icon.

    mac新建sftp连接
  3. In the Session Options - New dialog box, enter the O&M portal of the bastion host in the Hostname field, the default port number 60022, and a username used to access the bastion host. Then, click OK.

    mac连接sftp
  4. Select the created bastion host and click Connect.

    mac登录sftp
  5. In the Enter Secure Shell Password dialog box, enter the username and password of a RAM user and click OK.

    mac输入用户名密码
  6. Optional: If multi-factor authentication (MFA) is enabled for a RAM user, enter the verification code that you obtained from the bound MFA device (the Alibaba Cloud app) in the two-step verification dialog box and click OK.

    mac输入mfa_sftp
  7. After you log on to the bastion host, double-click the host for which you want to perform O&M operations to access the host directory and transfer files.

    Note

    If you cannot access the host directory, use one of the following methods to resolve the issue:

    • Check whether the username and password of the host are managed in Bastionhost. If the username and password of the host are not configured in Bastionhost, configure the username and password of the host. For more information, see Manage a host account.

    • Check whether the name of the host directory is garbled. If the name of the host directory is garbled, you can double-click a transcoding directory and ignore the error message. Then, you can right-click the blank space and select Refresh to transcode the garbled directory name.

    • Clear the cache on SecureFX.

    If none of the preceding methods resolve your issue, join the DingTalk group numbered 33797269 to consult technical experts.

    选择目录