This topic describes how to use a local SSH client tool to log on to Bastionhost and access a host for which you want to perform O&M operations. Xshell is used as an example.


  • An O&M tool that supports SSH, such as Xshell, SecureCRT, or PuTTY, is installed on your local host.
  • Bastionhost O&M addresses are obtained. You can obtain these addresses in the O&M Portals section on the Overview page of Bastionhost. For more information, see Log on to Bastionhost.O&M Portals section


  1. Start the Xshell tool. Click the New icon on the File menu. In the Properties of New Session dialog box that appears, click Connection in the left-side navigation pane and enter a Bastionhost O&M address and an SSH port number in the General section.

    The SSH port number is 60022 by default.

    Configure SSH-based connection
  2. Choose Connection > Authentication in the left-side navigation pane, enter the username and password used to access Bastionhost, and click OK.
    Identity authentication
  3. Optional:If multi-factor authentication (MFA) is enabled for a RAM user, enter the verification code obtained from the bound MFA device (the Alibaba Cloud app) in the two-step verification dialog box that appears and click OK.
    MFA verification code
  4. On the asset management page that appears, select the host for which you want to perform O&M operations by pressing the upward or downward arrow key, and press Enter to access the target host for O&M.
    Select the target host for O&M