This topic describes how to access a Linux host from a bastion host.

Prerequisites

  • The database engine of an ApsaraDB for MyBase dedicated cluster is MySQL or PostgreSQL.
  • The Grant OS Permissions parameter is set to Enabled when you create the ApsaraDB for MyBase dedicated cluster. For more information, see Create a dedicated cluster.
  • The Linux host in your ApsaraDB for MyBase dedicated cluster is associated with the bastion host. For more information, see Create a bastion host.

Background information

A bastion host can be used to record the behavior of users. All the user requests are forwarded by the bastion host. This prevents the database host from being connected to the Internet and ensures the security of the database host. You can use a bastion host to log on to and manage one or more hosts where your database instances are deployed. You can use a bastion host to log on to multiple database hosts.

Procedure

  1. Log on to the Bastionhost console.
  2. Find the bastion host that you want to enable and click Run on the right side to enable the bastion host.
    Enable a bastion host
  3. After the bastion host is enabled, return to the ApsaraDB for MyBase console. Find the dedicated cluster that you want to connect to, and click the cluster ID. In the left-side navigation pane of the cluster details page, click Bastion Hosts. On the page that appears, find the bastion host that you want to use and click Associate with Bastion Host.
    Bastion hosts
  4. Click Import Host. In the dialog box that appears, select the host that you want to import and click Import.
    Import a host
  5. Find the imported host, and click Add an account in the Host Account column to create a host account.
    Host accountCreate a host account
  6. Select the host for which you want to create an account and click Next.
    Next
  7. Click Create Bastion Host Account. In the dialog box that appears, specify the required information and click Create.
    Create an account
  8. Click Authorize Host in the Actions column. In the dialog box that appears, select the required host and click Authorize Hosts.
    Authorize a hostSelect a host
  9. Log on to the bastion host by running the ssh command on the terminal. Use the following command syntax:
    ssh <Username>@<Bastion host O&M address> -p<Bastion host port>
    Note
    • Set Username to the bastion host account that is created in Step 7.
    • Set Bastion host O&M address to the public O&M address of the bastion host.
    • Set Bastion host port to the port number of the bastion host. The default port number is 60022.

    Example

    ssh test@wddxxxxxx-public.bastionhost.aliyuncs.com -p60022
  10. Enter the password of the bastion host account.
  11. Move the pointer over the required host and press Enter.